Current and Future Use of IEEE and IEC Consensus Standards in the Regulation of Digital Instrumentation and Control Systems in the Nuclear Power Industry

Steven A. Arndt
Division of Engineering
Office of Nuclear Reactor Regulation

Outline
- Current state of US digital I&C upgrades and new plant efforts
- NRC process and use of standards
- IEEE standards
- IEC standards
- Standards harmonization (MDEP, 7 Party Report, IAEA Safety Guides, etc.)
- Summary

Current Generation Control Room
[Figure: photograph of a current generation control room]

New Control Rooms
[Figure panels: ABWR, EPR, APWR, AP1000]

Background
- SRP Chapter 7
- Move to retrofitting to digital
- New plants
- New digital platforms
- More international vendors
- Digital I&C Project Plan
- On-going work

Key Challenges
- Enhancing regulatory transparency and predictability
- Need to inform new vendors of NRC guidance and standards
- Anticipating future needs
- Evolving technology
- New reactors, operating reactors, fuel cycle facilities

Digital Does Have Some Advantages
[Figure]

I&C Upgrades and New Plant Reviews
- Analog I&C is being replaced by digital I&C using the Part 50 review process and Chapter 7
- New reactor reviews are being completed using the Part 52 review process and Chapter 7
- Current reviews are based on Chapter 7 guidance that references IEEE standards and recent ISGs

On-Going Reviews
Recent and current applications under review in NRR:
- Oconee Reactor Protection / Engineered Safety Features System digital upgrade License Amendment Request (LAR)
- Toshiba topical report on their FPGA safety system
- Wolf Creek Main Steam/Feedwater Isolation System digital upgrade using FPGAs (LAR)
- Doosan-HF Controls Corp. Digital Safety Control System topical report
- AREVA AV-42 Priority Logic Module topical report
- AREVA SIVAT software tool
- ALS FPGA safety system
- Mitsubishi MELTAC digital platform
- DSS SPIN LINE digital platform
- Westinghouse Common Q and Invensys Tricon platform updates
- New reactor (Part 52) reviews: DCDs, COLs

Regulatory Framework
- IEEE 603-1991, Standard Criteria for Safety Systems for Nuclear Power Generating Stations
- IEEE 279-1971, Criteria for Protection Systems for Nuclear Power Generating Stations
- 10 CFR Part 50, Appendix A, General Design Criteria for Nuclear Power Plants
- 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities, May 13, 1999
- 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants
- NUREG-0800 Rev. 5, March 2007, Standard Review Plan
- USNRC Reg Guide 1.118, Periodic Testing of Electrical Power and Protection Systems
- USNRC Reg Guide 1.152, Criteria for Programmable Digital Computer System Software in Safety Systems of Nuclear Power Plants
- USNRC Reg Guide 1.153, Criteria for Power, Instrumentation, and Control Portions of Safety Systems
- USNRC Reg Guide 1.168, Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- USNRC RIS 2002-22, Use of NUMARC/EPRI TR-102348 in Determining the Acceptability of Performing Analog to Digital Replacements Under 10 CFR 50.59
- USNRC Reg Guide 1.169, Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- USNRC Reg Guide 1.170, Software Test Documentation for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- USNRC Reg Guide 1.171, Software Unit Testing for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- USNRC Reg Guide 1.172, Software Requirements Specifications for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- USNRC Reg Guide 1.173, Developing Software Life Cycle Processes for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
- Branch Technical Position HICB-14, Guidance on Software Reviews for Digital Computer Based Instrumentation and Control Systems

Standards and industry guidance referenced by the framework above:
- IEEE 338-1987, Criteria for the Periodic Surveillance Testing of Nuclear Power Generating Stations Safety Systems
- IEEE 7-4.3.2-2003, Standard Criteria for Digital Computers in Safety Systems
- IEEE 603-1991, Standard Criteria for Safety Systems for Nuclear Power Generating Stations
- IEEE 1028-1988, Standard for Software Reviews and Audits
- EPRI TR-102348, Guideline on Licensing Digital Upgrades
- IEEE 828-1990, Standard for Software Configuration Management Plans
- IEEE 829-1983, Standard for Software Test Documentation
- IEEE 1008-1987, Standard for Software Unit Testing
- IEEE 830-1993, Recommended Practice for Software Requirements Specification
- IEEE 1074-1995, Standard for Developing Software Lifecycle Processes
- EPRI TR-106439, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications
- ASME NQA-1-1983, Quality Assurance Program Requirements for Nuclear Facilities
- ASME NQA-2a-1990, Part 2.7, Quality Assurance Requirements of Computer Software for Nuclear Facility Applications
- IEEE 603-1991, Standard Criteria for Safety Systems for Nuclear Power Generating Stations
- IEEE 1012-1986, Standard for Software Verification and Validation Plans
- IEEE 1012-1998, Standard for Software Verification and Validation

Vendor LTR Submittal: Recent Review Experience
- Unendorsed standards were used to qualify the safety system: DO-254 (FAA standard) was used instead of IEEE 7-4.3.2
- License amendment mischaracterized the FPGA system as a non-digital / not software-based system
- Incorrect commercial grade dedication guidance used
- Insufficient D3 analysis performed
- Software tools requirements not met

Challenges with Standardization
- Some standards are part of the regulations (IEEE 603, 323, etc.)
- Differences in standards associated with component requirements
- Differences in standards associated with regulatory structure: Chapter 7 versus Safety Case
- Differences in standards associated with regulatory philosophy: Safety/Non-Safety versus classification

International Electrotechnical Commission
- One possible way to move to harmonization is to move towards the IEC standards
- IEC is a leading global organization that prepares and publishes standards for
- Widely used by some vendors
- Membership is by National Committees

National Committees participating in the nuclear segment

P Members:
- Argentina
- Belgium
- Canada
- China
- Czech Republic
- Egypt
- Finland
- France
- Germany
- Italy
- Japan
- Korea (Rep. of)
- Netherlands
- Norway
- Romania
- Russian Fed.
- South Africa
- Sweden
- Switzerland
- U.S.A.
- Ukraine
- United Kingdom

Observers:
- Belarus
- Greece
- Pakistan
- Portugal
- Spain

IEC Organization for the Nuclear Industry Segment
- Technical Committee 45: Nuclear Instrumentation
  - SC 45A: Reactor Instrumentation
  - SC 45B: Radiation Protection Instruments
- SC 45A is closest in interests to the IEEE Nuclear Power Engineering Committee (NPEC)
- SC 45A maintains a formal liaison with the International Atomic Energy Agency (IAEA)

IEC SC45A consists of seven working groups:
- WG2: Sensors and measurement techniques
- WG3: Application of digital processors to safety in nuclear power plants
- WG5: Special process measurement and radiation monitoring
- WG7: Reliability of electrical equipment in reactor safety systems
- WG8: Control rooms
- WG9: Instrumentation systems
- WG10: Upgrading and modernization of I&C systems in NPP

US National Committee to SC45A
- Steven Arndt, US Nuclear Regulatory Commission
- Clark Artaud, Thermo-Gammametrics
- Leonard Bond, Pacific Northwest National Laboratory
- William Catullo, Westinghouse Electric Company
- Bruce Cook, Westinghouse Electric Company
- Larry Dunn, GE Hitachi Nuclear Energy
- James Gleason, General Electric
- H. M. Hashemian, AMS
- Gary Johnson, Computer Dependability Assoc
- Ted Quinn, Longnecker and Associates
- Julie Reed, Westinghouse Electric Company
- Steve Seaman, Westinghouse Electric Company
- Clayton Scott, Triconex Corporation
- Tighe Smith, Delta M Corporation
- Tyson Washburn, consultant
- Richard Wood, Oak Ridge National Laboratory

SC45A Standards
- IEC 60880 - Software aspects of computer-based systems performing category A functions
- IEC 60515 - Characteristics and test methods
- IEC 60671 - Surveillance testing
- IEC 60987 - Hardware design requirements for computer-based systems
- IEC 62340 - Requirements for coping with common cause failure (CCF)
- IEC 62342 - Management of aging
- IEC 62385 - Methods for assessing the performance of safety system instrument channels
- IEC 62397 - Resistance temperature detectors
- IEC 60768 - Process stream radiation monitoring equipment for normal and incident conditions
- IEC 60951 - Radiation monitoring system for accident and post accident conditions
- IEC 60964 - Control rooms design
- IEC 61772 - Application of Visual Display Unit (VDU)
- IEC 60737 - Instrumentation important to safety
- IEC 60965 - Supplementary control points for reactor shutdown without access to the main control room
- IEC 60988 - Acoustic monitoring systems for detection of loose parts: characteristics, design criteria and operational procedures
- IEC 61226 - Classification of instrumentation and control functions
- IEC 61500 - Data communication
- IEC 61513 - General requirement for systems
- IEC 62096 - Guidance for the decision on modernization
- IEC 62003 - Requirements for electromagnetic compatibility testing
- IEC 62465 - Management of aging of electrical cabling systems
- IEC 62566 - Selection and use of complex electronic components for systems performing category A functions
- IEC 62582 - Electrical equipment condition monitoring methods
- IEC 62584 - Application of Gamma Thermometers (GT) for Local Power Range Monitor (LPRM) calibration

IEC Collaboration with IEEE
- IEC is looking for opportunities to harmonize the area of standardization
- 2002 agreement between IEC and IEEE to publish dual logo standards
- Expanded agreement was signed in July 2008 to allow joint work on revision of existing standards
- IEC/IEEE dual logo effort on revision of equipment qualification standards:
  - IEC 60780 and IEEE 323, equipment qualification
  - IEC 60790 and IEEE 344, seismic qualification
  - Commercial dedication of digital equipment
  - Requirements for isolation devices

Multinational Design Evaluation Program
- Develops common positions that represent agreed upon best practices, including:
  - Simplicity in design
  - Software common cause failure
  - Software tools
  - Software verification and validation
  - Complex electronics
  - Data communications
  - COTS software and digital components
- Has recommended to IEEE and IEC to jointly prepare standards

Other Harmonization Efforts
- 7 Party Report
  - Effort of several European organizations to develop a common set of best practices
  - Currently working with MDEP and IAEA
- IAEA Safety Guides
  - Efforts to update NS-G-1.1 (software) and 1.3 (I&C)
  - Is working with NRC, other national and international organizations

Harmonization Example
- Software tools example: references
  - IEEE 7-4.3.2, section 5.3.2, Software Tools
  - IEC 60880, section 14
  - MDEP common position 2
- Qualification example:
  - Dual logo standard (IEEE and IEC) for harsh environments
  - NRC endorses IEC standards for EMI/RFI

Summary
- There is a significant effort in the industry to move to digital technology
- Technology is moving rapidly and there are significant standards efforts in the U.S. and around the world
- NRC uses IEEE standards for guidance but can review other substantially similar high quality processes
- NRC is working with the various standards organizations to improve the standards and better understand the areas of commonality

Questions?