Applying NQA-1 Requirements for Computer Software Used in Nuclear Facilities
ASME 2014 Small Modular Reactors Symposium, April 17, 2014
Presented by: Norman P. Moreau, PE, CSQE, CQA
President and Principal Consultant, Theseus Professional Services, LLC
Westminster, MD 21158
410-857-0023, nmoreau@theseuspro.com, www.theseuspro.com
Who Am I?
President and Principal Consultant of Theseus Professional Services. Theseus is a Veteran-Owned Small Business providing quality-related services to various industries.
- B.S. in Mechanical Engr. and M.S.A. in Software Engineering Administration
- Started in the nuclear industry in 1986
- First software QA project in 1988
- Member of NQA-1 since 1992
- Member of EPRI team that developed CGD guidance (Doc. #1025243)
- Held positions as programmer, SQE, software tester, software process engineering manager, SQA manager
Disclaimer: The views expressed by the speaker do not represent the views or positions of the ASME NQA-1 Committee, the NRC or EPRI. They are the views of the speaker only.
2014 TPS, LLC. All rights reserved. SMR2014-3384 Slide 2
Why We Need SQA? SOFTWARE IS HARD...
"...writing of programs proved to be much more difficult than all the other things I had done (like proving theorems or writing books). The creation of good software demands a significantly higher standard of accuracy than those other things do, and it requires a longer attention span than other intellectual tasks." [Donald E. Knuth]
"...it is easy to decide to change software, it is another thing entirely to actually change it." [Meir Lehman]
Source: Technical Report CMU/SEI-92-TR-34, ESC-TR-92-034, Academic Legitimacy of the Software Engineering Discipline, November 1992
Where Do Computer Programs Reside & What Part of NQA-1 Applies?
[Diagram; only its labels survive extraction: Developers; Req. 2; Req. 3-400 & 800; All of 2.7 (depending on SW type); Req. 2.7; System Software; HW: Req. 8 & 12; SW: Req. 3 & 2.7; CM]
NQA-1-2008 Part I Introduction: Terms and Definitions
Computer program: a combination of computer instructions and data definitions that enables computer hardware to perform computational or control functions, used for:
(a) design analysis;
(b) operations or process control; or
(c) data base or document control registers when used as the controlled source of quality information for (a) or (b) above.
To the extent that computer programs are a physical part of plant systems (SIS, DI&C), they are included in the term "item".
Software: computer programs and associated documentation and data pertaining to the operation of a computer system.
The source of both definitions used in ASME NQA-1 is ANSI/IEEE 610.12-1990.
Software Used in the Nuclear Industry
Use                                  Examples
Process Control (Digital I&C)        PLC, EPROM, Instrumentation, HMI (also EPRI Guidance, Appendix C)
Design Analysis (Design & Analysis)  FEA, Code Calc, Structural, Geotechnical, Seismic, Dispersion
Operations (Mgmt. & Admin)           ERP, MRP, e-P&ID, CMMS, e-doc/e-Record Control Systems
"Most software today is very much like an Egyptian pyramid with millions of bricks piled on top of each other, with no structural integrity, but just done by brute force and thousands of slaves." Alan Kay
Software Requirements in ASME NQA-1
Part I describes the overall programmatic quality assurance requirements applicable to all aspects of nuclear facilities.
Part II contains amplifying quality assurance requirements for certain specific work activities that occur at various stages of a facility.
Software Guidance in ASME NQA-1
Part III provides nonmandatory guidance on approaches and methods to implement the requirements of Parts I and II.
Part IV was developed using lessons learned, proven methods of performance, best practices, and insights of the NQA Committee to provide nonmandatory guidance on approaches and methods to apply Part I and/or Part II requirements to specific applications.
Software Quality Assurance: Where are the Requirements and Guidance for Computer Programs in NQA-1?
[Diagram of ASME NQA-1-2008 w/2009, reconstructed from its labels:]
Part I: Definitions; Requirement 3-401 & 800, Design Control; Requirement 11-200, 400 & 602, Test Control
Part II: Subpart 2.7, Computer Software; Subpart 2.14, Commercial Grade Items and Services
Part III: Subpart 3.2-2.14, Guide on Software CGD (2012)
Part IV: Subpart 4.1, Guide on Computer Software
NQA-1-2014 SP 3.2-2.7.2 Example: Software Design Requirements
[Example excerpt shown on the slide was not captured in extraction.]
Software Requirements in Requirement 3
100 General
200 Design Input
300 Design Process
400 Design Analyses
  401 Use of Computer Programs
  402 Documentation of Design Analyses
500 Design Verification
  501 Methods
600 Change Control
  601 Configuration Management of Operating Facilities
700 Interface Control
800 Software Design Control
  801 Software Design Process
    801.1 Identification of Software Design Requirements
    801.2 Software Design
    801.3 Implementation of the Software Design
    801.4 Software Design Verification
    801.5 Computer Program Testing
  802 Software Configuration Management
    802.1 Configuration Identification
    802.2 Configuration Change Control
    802.3 Configuration Status Control
900 Documentation and Records
Req. 3-400: Computer Programs Used for Design Analyses
- Acceptability of a computer program is established either by preverification or by verifying its results with the design analysis for each application.
- Preverified computer programs are controlled in accordance with the requirements of the Standard (Requirement 3-800; Requirement 11-100, 200, 400, 602; and Subpart 2.7).
- Simple and easily understood computer programs that can be confirmed (results verified) through hand calculations may be excluded from Subpart 2.7 (Subpart 4.1-101.1).
- Complex design/analysis computer programs are to be developed following the controls in Subpart 2.7 (Subpart 4.1-101.2).
- The computer program is verified to produce correct solutions for the mathematical model within defined limits.
- The encoded mathematical model produces a valid solution to the physical problem.
Software Requirements in Requirement 11
100 General
200 Test Requirements
  - Software Design Verifications
  - Factory Acceptance Tests
  - Site Acceptance Tests
  - In-Use Tests
300 Test Procedures (Other than for Computer Programs)
400 Computer Program Test Procedures
  (a) Provides for: adherence to requirements; correct results; performance over range; technical adequacy
  (b) In-Use test procedures: confirmation of acceptable performance after a different installation, after significant changes in the OS, and periodically for hardware effects
500 Test Results
600 Test Records
  601 Test Records
  602 Computer Program Test Records
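The in-use test of 11-400(b), as an added illustration that is not part of the presentation: a small harness reruns preverified test problems through a stand-in analysis program after an installation or OS change, records the environment with the results as a test record would, and refuses to count a case outside the program's defined limits as confirmation of acceptable performance. The stress formula, its validated range, the case values and the tolerance are all constructed for this example.

```python
"""Constructed in-use test harness in the spirit of NQA-1 Requirement 11-400(b)."""
import math
import platform
import sys

# Constructed stand-in for a preverified design-analysis program: bending
# stress sigma = M*c/I for a rectangular section (width b, depth h) under
# moment M. Its assumed "defined limits" (Req. 3-400) are 0 < h/b <= 10.
VALIDATED_MAX_ASPECT = 10.0

def bending_stress(moment, b, h):
    inertia = b * h ** 3 / 12.0
    return moment * (h / 2.0) / inertia

# Constructed test problems with results recorded when the program was
# verified; the in-use test reruns them on the new installation.
TEST_CASES = [
    {"id": "TC-1", "inputs": (1000.0, 0.1, 0.2), "expected": 1.5e6},
    {"id": "TC-2", "inputs": (500.0, 0.05, 0.4), "expected": 375000.0},
    {"id": "TC-3", "inputs": (1000.0, 0.01, 0.2), "expected": 1.5e7},  # h/b = 20
]

def run_in_use_test(program, cases, rel_tol=1e-6):
    """Rerun each preverified case and build a test record (Req. 11-602)
    with the environment it was run in; a case outside the defined limits
    is reported but cannot confirm acceptable performance."""
    record = {
        "environment": {"os": platform.platform(),
                        "python": sys.version.split()[0]},
        "results": [],
    }
    for case in cases:
        moment, b, h = case["inputs"]
        if h / b > VALIDATED_MAX_ASPECT:
            actual, status = None, "OUT_OF_RANGE"
        else:
            actual = program(moment, b, h)
            ok = math.isclose(actual, case["expected"], rel_tol=rel_tol)
            status = "PASS" if ok else "FAIL"
        record["results"].append({"id": case["id"], "actual": actual,
                                  "status": status})
    # Acceptable only if every case passed inside the validated range.
    record["acceptable"] = all(r["status"] == "PASS" for r in record["results"])
    return record
```

Calling run_in_use_test(bending_stress, TEST_CASES) reports TC-1 and TC-2 as PASS and TC-3 as OUT_OF_RANGE, so the record is not acceptable until the test set is confined to the verified limits.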
Software Requirements in Subpart 2.7 *
100 General Applicability
  101 Software Engineering Activities
  102 Definitions Additional to or Different from Part I
200 General Requirements
  201 Documentation
  202 Review
  203 SCM
  204 Problem Reporting and Corrective Action
300 Software Acquisition
400 Software Engineering Methods
500 Standards, Conventions, and Other Work Practices
600 Support Software
700 References
* Same structure in SP 4.1, except no definitions or references paragraph.
Software Development Scenario: Software Used in Design and Analysis
Activity: Software Life Cycle Development Process
- Requirements, Acquisition/Design, Implementation, Testing
- Configuration Control
- Error Reporting
- Operation, Maintenance, and Retirement
Criteria:
- Requirement 3-800
- Requirement 11-100, 200, 400, 500, 602
- Subpart 2.7
- Subpart 2.14; SP 3.2-2.14, 2012; and EPRI Guidance 1025243, Dec 2013
- Suggested Approach for Use of Simple vs. Complex Software (Subpart 4.1)
Software Development Scenario: Process Control and Operations Software
Activity: Software Life Cycle Development Process
- Requirements, Acquisition/Design, Implementation, Testing
- Configuration Control
- Error Reporting
- Operation, Maintenance, and Retirement
Criteria:
- Requirement 3-800; Reg Guides 1.152 and 1.168
- Requirement 11-100, 200, 400, 500, 602
- Subpart 2.7; IEEE 7-4.3.2
- Subpart 2.14; EPRI Reports TR-106439 and TR-107339
- Suggested Approach for Firmware (Subpart 4.1)
Questions or More Information?
Contact Information: Norm Moreau, Principal Consultant, Theseus Professional Services, LLC
nmoreau@theseuspro.com
http://www.theseuspro.com
W: 410-857-0023 / C: 410-596-2209
If you want to consider participation in ASME NQA-1 Committee activities, visit http://cstools.asme.org/csconnect/committeepages.cfm?committee=o10500000
For an ASME Short Course on NQA-1 Requirements for Computer Software Used in Nuclear Facilities, visit https://www.asme.org/products/courses/nqa1-requirements-computer-software-usednuclear
For information on the Theseus Software Dedication process, see http://theseuspro.com/pdf/swdedicationflyer2013.pdf
References
- ASME NQA-1 (several editions and addenda), Quality Assurance Requirements for Nuclear Facility Applications, ASME, New York.
- DOE, Office of Environmental Safety and Quality, Guidance for Commercial Grade Dedication, September 2011.
- EPRI, Generic Qualification/Dedication of Digital Components: Screening of Candidate Components, 1006842, EPRI Project Manager R. Torok, December 2002.
- EPRI, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications, TR-106439, EPRI Project Manager R. C. Torok, October 1996.
- EPRI, Evaluating Commercial Digital Equipment for High Integrity Applications: A Supplement to EPRI Report TR-106439, TR-107339, Final Report, Principal Investigators B. Fink and J. Betlack, Project Manager Ray Torok, December 1997.
- EPRI, NP-5652, Utilization of Commercial Grade Items in Nuclear Safety Related Applications, 1988.
- EPRI, Plant Engineering: Guideline for the Acceptance of Commercial-Grade Design and Analysis Computer Programs Used in Nuclear Safety-Related Applications, TR-1025243, Project Manager Marc Tannenbaum, June 2012.
- Farris Engineering Services, iprsm Commercial Grade Dedication Plan, Draft Rev. 1.502.
- Moreau, N. P., Schrotke, R. C., Subir, S., Applying ASME NQA-1 Requirements for Computer Software Used in Nuclear Facilities, ICONE 18, May 17-21, 2010, Xi'an, China.
- IEEE Std. 7-4.3.2-1993, IEEE Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations.
- NRC, 10 CFR Part 21, Reporting of Defects and Noncompliance, 1992.
- NRC, Review of TRICONEX Corporation Topical Reports 7286-545, "Qualification Summary Report" and 7286-546, "Amendment 1 to Qualification Summary Report," Revision 1 (TAC No. MA8283), December 2001, http://adamswebsearch2.nrc.gov/idmws/doccontent.dll?library=pu_adams^pbntad01&id=004042634
- NRC Regulatory Guide 1.152, Criteria for Use of Computers in Safety Systems of Nuclear Power Plants.
- NRC Regulatory Guide 1.168, Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants.