A Perspective on Draft Embedded Digital RIS. Ron Jarrett Tennessee Valley Authority Embedded Digital Devices Workshop October 9, 2014 NRC



Similar documents
Computer-Aided Facilities Management - A Logical Trend

Cyber Security for Nuclear Power Plants Matthew Bowman Director of Operations, ATC Nuclear IEEE NPEC Meeting July 2012

December 5, 2013 VENDOR INSPECTION PROGRAM ANNUAL SELF-ASSESSMENT REPORT FOR FISCAL YEAR 2013

Integrating Cyber Security into Nuclear Power Plant Safety Systems Design

GUIDANCE DOCUMENT TO IMPLEMENT POLICY FOR SOFTWARE QUALITY ASSURANCE IN THE NUCLEAR POWER INDUSTRY

ICT Disaster Recovery Plan

A Regulatory Approach to Cyber Security

WordPerfect Document Compare Summary

Regulatory Guide Verification, Validation, Reviews, And Audits For Digital Computer Software Used in Safety Systems of Nuclear Power Plants

UNITED STATES NUCLEAR REGULATORY COMMISSION OFFICE OF NUCLEAR REACTOR REGULATION OFFICE OF NEW REACTORS WASHINGTON, DC

U.S. NUCLEAR REGULATORY COMMISSION STANDARD REVIEW PLAN. Organization responsible for the review of instrumentation and controls

Cyber Security Design Methodology for Nuclear Power Control & Protection Systems. By Majed Al Breiki Senior Instrumentation & Control Manager (ENEC)

Power Monitoring for Modern Data Centers

REGULATORY GUIDE (Draft was issued as DG-1267, dated August 2012)

SAFETY SOFTWARE QUALITY ASSURANCE FUNCTIONAL AREA QUALIFICATION STANDARD. DOE Defense Nuclear Facilities Technical Personnel

RISK MITIGATION THROUGH STRATEGIC MAINTENANCE AND RELIABILITY

RTP s NUCLEAR QUALITY ASSURANCE PROGRAM

Steven A. Arndt Division of Engineering Office of Nuclear Reactor Regulation

Reliability requires consulting engineers and end users to grasp design, maintenance basics. By Reza Tajali, P.E. Square D Power Systems Engineering

Why SIL3? Josse Brys TUV Engineer

NERC Cyber Security Standards

DRAFT REGULATORY GUIDE

Section A: Introduction, Definitions and Principles of Infrastructure Resilience

Options for Cyber Security. Reactors. April 9, 2015

Proposal to Consolidate Post-Fukushima Rulemaking Activities

Applying NQA-1 Requirements for Computer Software Used in Nuclear Facilities ASME 2014 Small Modular Reactors Symposium April 17, 2014

ABSTRACT. The Guidelines Section F is related to the Purchasing requirements of NSQ100 (Chapter 7.4). Summary

UNITED STATES NUCLEAR REGULATORY COMMISSION OFFICE OF NUCLEAR REACTOR REGULATION WASHINGTON, D.C February 1, 2006

How To Write A Cyber Security Risk Analysis Model For Research Reactor

IMPLEMENTATION OF PROCESS SAFETY MANAGEMENT (PSM) IN CAPITAL PROJECTS

Application of FPGA-based Safety Controller for Implementation of NPPs I&C Systems Vladimir Sklyar, Technical Director

T146 Electro Mechanical Engineering Technician MTCU Code Program Learning Outcomes

Cyber Security Considerations in the Development of I&C Systems for Nuclear Power Plants

ESH 007 Lesson Plan ESQ Training

RADIATION MONITORING SYSTEMS

Proposed Task Group: Electrical Cable and Condition Monitoring Codes and Standards for Nuclear Power Plants

Ensuring Quality Going Down the Supply Chain

NFPA 70E 2012 Rolls Out New Electrical Safety Requirements Affecting Data Centers

Olkiluoto 3 Experience

Defining the Needs of Modern Data Center Power Systems, Low Voltage Circuit Breaker Application

DISTRIBUTED REDUNDANCY:

Vamshi K. Katukoori Graduate Student: NAME University Of New Orleans. Standardizing Availability Definition

A DEVELOPMENT FRAMEWORK FOR SOFTWARE SECURITY IN NUCLEAR SAFETY SYSTEMS: INTEGRATING SECURE DEVELOPMENT AND SYSTEM SECURITY ACTIVITIES

Summary of CIP Version 5 Standards

BUILD VERSUS BUY. Understanding the Total Cost of Embedded Design.

OWestinghouse. U.S. Nuclear Regulatory Commission ATTENTION: Document Control Desk Washington, D.C February 1, 2010

Regulatory Guide Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants

Power Reduction Techniques in the SoC Clock Network. Clock Power

The World Nuclear Supply

Selecting Sensors for Safety Instrumented Systems per IEC (ISA )

A New Approach to Nuclear Computer Security

Latches, the D Flip-Flop & Counter Design. ECE 152A Winter 2012

TasNetworks Regulatory Proposal Expenditure Forecasting Methodology

Spreading the Word on Nuclear Cyber Security

MTN Managed Firewall. Description of Service

Design Project: Power inverter

WHITE PAPER Comparing the Total Cost of Ownership of SME On- Premises Business Management Applications and SAP Business By Design

APPENDIX 8 TO SCHEDULE 3.3

Guidance for the Quality Assurance of Fire Protection Systems

How To Determine An Operating Safety Certificate

Master Specialization in Digital Design: Design and Programming of Embedded Systems

F4E-QA QUALITY CLASSIFICATION

US-APWR Human Performance Monitoring Implementation Plan

Cynthia Broadwell, Progress Energy. William Gross, Nuclear Energy Institute

Five steps to a successful material handling CMMS implementation

Appendix A-2 Generic Job Titles for respective categories

A CYBER SECURITY RISK ASSESSMENT FOR THE DESIGN OF I&C SYSTEMS IN NUCLEAR POWER PLANTS

White Paper 40-nm FPGAs and the Defense Electronic Design Organization

Intel Ethernet Switch Converged Enhanced Ethernet (CEE) and Datacenter Bridging (DCB) Using Intel Ethernet Switch Family Switches

Upgrading Path to High Speed Fiber Optic Networks

Chapter 2 Logic Gates and Introduction to Computer Architecture

C-41 (May 13) Procurement Engineering and Supply Chain Guidelines in Support of Operation and Maintenance of Nuclear Facilities

Asset and Lifecycle Management

Belden Certified Industrial Network Provider Program

IAEA 2015 INTERNATIONAL CONFERENCE ON COMPUTER SECURITY IN A NUCLEAR WORLD

STATE OF NEVADA Department of Administration Division of Human Resource Management CLASS SPECIFICATION

COST EFFECTIVE MODERNISATION OF SYSTEMS IMPORTANT TO SAFETY (CEMSIS)

NOT PROTECTIVELY MARKED

Low Cost 100GbE Data Center Interconnect

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Cyber Security R&D (NE-1) and (NEET-4)

Hardware and Software

A Paradigm Shift for Dispatch Consoles From hardware consoles to a licensed, evergreen software platform

Square D Power Management Services. Complete Custom Solutions for Your Power System

Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG All rights reserved

Counters and Decoders

STANDARD REVIEW PLAN

SAMPLE QUESTIONS EXAM EXEMPLAR QUESTIONS. AD6 - Operations management in supply chains. Level 5 Advanced Diploma in Procurement and Supply

ABB PSPS Erich Steinmann; Generator control-2013

ABB Inc. Quality Manual

FPGAs in Next Generation Wireless Networks

Transcription:

A Perspective on Draft Embedded Digital RIS Ron Jarrett Tennessee Valley Authority Embedded Digital Devices Workshop October 9, 2014 NRC

What does the RIS mean to a Utility? This is an important RIS from needed awareness and it needs to ensure proper focus to both the utilities and Appendix B suppliers. Reinforcement of the CCF issue is good and warranted but over stressed. Proof of quality and reliability should be the focus. Too much focus on upper tier digital requirements (references too many high level NRC regulations). The RIS needs to focus on workable solutions and success paths. 1) The RIS needs to clearly define embedded digital. 2) Commercial digital devices, many of which are embedded, are key to maintaining and operating plants in a safe and reliable manner. 3) Most important area in the RIS is the procurement area and getting that right. 4) The RIS needs to consider the cause and effect on plant component/system availability. 2

What Really is Embedded Digital? The RIS does not clearly define what is embedded digital. There is a description but it defines ALL digital components/systems. What is the Staff s target? - Hidden or unknown digital components; - New technology such as a ASIC, FPGA, etc.; - Non microprocessor based components such as discrete digital logic components (i.e., nand and nor logic chips, flip-flops, etc.)? 3

Examples of Possible Embedded Digital An ASIC digital trip device hidden within a breaker A switch Ethernet to fiber converter A digital VFD drive Non complex digital controls within a mechanical component A FPGA chip somewhere on a circuit board A bluetooth transceiver somewhere on a circuit board An ASIC chip somewhere on a circuit board Digital controls in an inverter but they are digital logic based (i.e., Nands, Nors, FFs, etc.) no microprocessors and software 4

Embedded Digital Devices Are Important Use of embedded digital devices is important in maintaining and operating our plants in a safe and reliable manner. Utilities need reasonable and usable methods to define quality and reliability specific for simple components, including simple EDDs. This will promote safety by maintaining and improving the health of plant equipment. - Meeting all the requirements of IEEE 603, IEEE 7-4.3.2, RG 1.152,etc. does not in itself ensure quality and reliability. - The Digital Commercial Grade Dedication (CGD) process (i.e., TR- 106439) is key in the use of embedded devices. Most of these components are not developed under an Appendix B process. - For CGD for simple digital devices, it is not realistic to demonstrate equivalence to every shall statement in every IEEE standard. 5

The Procurement Area The procurement area is the most important part of this issue and utilities need to address their supply chain for hidden digital components. The RIS could have unintended consequences such as difficulty in obtaining replacement components and increase equipment unavailability. - The RIS does not include cyber security in its scope but the implementation difficulties parallel those seen in the procurement area associated with cyber security implementation. Utility s lesson learned should be considered with respect to this RIS. Suppliers need to take note of this RIS and their performance requirements (Ref. NRC IN 2014-11: Recent issues related to the qualification of safety-related components). 6

Procurement Difficulties Examples of procurement difficulties already seen: Replacing a hard drive is now a design change, not an equivalency. We are working on a digital equivalency process and it is proving to be difficult to implement. Plant equipment downtime increases due to lack of spare parts. Cyber security requirements are impacting both safety and non safety Non Safety Critical Digital Assets are our largest population. Commercial vendors are taking exceptions to special requirements for documentation. This will reduce the already limited number of nuclear suppliers. The non safety/non QA area creates a procurement challenge for both digital applications and cyber security requirements. 7

CAUSE and EFFECT of this RIS? Licensing Uncertainty? How will the RIS be used during the inspection process? - Unknown, we have concerns from a back-fit perspective. How will the RIS reference to Non Safety be used and will it stop or delay need upgrades? - Industry has been implementing digital upgrades for the past 25 years improving plant safety with significant success driven by plant availability and trip reduction modifications (i.e., elimination of Single Points of Vulnerabilities using digital systems). 8

CAUSE and EFFECT of this RIS? Equipment Unavailability? Will procurement changes cause loss of nuclear vendors, create difficulties in obtaining spare parts, etc., resulting in the unavailability of plant equipment? - Our in-house elimination of non safety related digital equivalencies and implementation of cyber hardening requirements have already resulted in procurement difficulties. 9

Clearly Target: In Summary What is embedded digital, Potential improvement of utility procurement processes, Better supplier performance, The Staff should be more proactive in helping the industry solve these issues, like this workshop, not just identifying potential problems. Areas that would help utilities: - Graded approaches for acceptance for less complex devices and elimination of CCF triggers. - Methods for reaching a "CCF unlikely" conclusion for both safety and non-safety applications. Diversity or 100% testing is not practical or needed for all applications. - Where a "CCF unlikely" conclusion cannot be reached, we need methods of demonstrating coping, that do not require an LAR. 10

Q&A Graded Approach? Use of Risk Informed? 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information