QA Requirements for DOE Accelerator Safety System Software K. Mahoney Group Leader, Safety Systems TJNAF Presented at the 2008 DOE Accelerator Safety Workshop.


QA Requirements for DOE Accelerator Safety System Software K. Mahoney Group Leader, Safety Systems TJNAF Presented at the 2008 DOE Accelerator Safety Workshop August 13, 2008

“Musts” DOE O 414.1C ‘QA Order’
–Updated in 2005 to incorporate Software QA (SQA) for DOE nuclear facilities
–Scope: required for all DOE organizations, field elements, and contractors, with two exceptions: the Naval Reactors program and the Bonneville Power Administration
–Requires a contractor QA Program (QAP); Part 5 of the contractor requirements gives the “Safety Software Quality Requirements”

“Safety Software”
–Safety System Software: software for a nuclear facility that performs a safety function…
–Safety and Hazard Analysis Software and Design Software: software that is used to classify, design, or analyze nuclear facilities.
–Safety Management and Administrative Controls Software: software that performs a hazard control function in support of a nuclear facility… necessary to provide adequate protection from nuclear facility or radiological hazards.

QA Order Contractor QAP Requirements for “Safety Software”
Work processes involving safety software must be developed and implemented using national or international consensus standards and must include the following elements:
a. Facility design authority involvement in the [lifecycle of a safety software application]
b. Identify, document, and maintain a safety software inventory.

QA Order Contractor QAP Requirements for “Safety Software” (continued)
c. Establish grading levels for safety software. Document those grading levels in the QAP.
d. Using the grading levels established and approved above, select and implement the applicable software QA work activities from the following list to ensure that safety software performs its intended functions.

Software QA Activities ‘Menu’ from 414.1C Contractor Requirements
–Project Management
–Risk Management
–Procurement and supplier management
–Requirements identification and management
–Design and Implementation
–Safety Verification and Validation
–Problem Reporting and Corrective Action
–Training of personnel in design, development, use, and evaluation of safety software

DOE Standards with ‘Software’ in the Title
–DOE-STD Safety Software Quality Assurance Functional Area Qualification Standard (qualification of software QA people)
–DOE-STD Design Criteria Standard for Electronic Records Management Software Applications

Guidance DOE G “Safety Software Guide…”
–Not bad as generic guidance
–Does not hit the mark with respect to hazards and their mitigation using programmable systems at accelerator facilities
–Written to meet the needs of nuclear facilities
–Tries to be non-committal but really ends up with ANSI/ASME NQA (QAPs for Nuclear Facilities). Note: this includes reactor and non-reactor facilities.
–Defines levels based on 10CFR830 and, by reference, DOE STD 1027 “Hazard Categorization and Accident Analysis Techniques for Compliance with DOE Order , Nuclear Safety Analysis Reports”

1027 NF Hazard Category
Category 3
–DEFINITION: Hazard analysis shows the potential for only significant localized consequences.
–INTERPRETATION: Facilities with quantities of hazardous radioactive materials which meet or exceed Table A.1 values [radionuclides].
Category 2
–DEFINITION: Hazard analysis shows the potential for significant on-site consequences.
–INTERPRETATION: Facilities with the potential for nuclear criticality events, or with sufficient quantities of hazardous material and energy that on-site emergency planning activities would be required (see Attachment 1).
Category 1
–DEFINITION: Hazard analysis shows the potential for significant off-site consequences.
–INTERPRETATION: Category A reactors and facilities designated by the PSO.

Accelerator Safety Systems
Multiple safety functions mitigating hazards from:
–Prompt Ionizing Radiation
–Radioactive Materials
–RF Power
–Laser
–Electrical Systems
–Machinery
–Chemical Processing Systems
What? No Nuclear?

Accelerator Safety System Software – Scope
–Application software: the program used to implement a safety function
–Embedded software: used to execute the application software program
–Utility software: used to code and compile the application software

Software QA
QA
–Process or methods to ensure the desired result or outcome is implemented in an efficient manner
Software
–Instructions for the implementation of a desired functional relation
Software QA is
–the process or methods to ensure efficient implementation of the desired functional relation
–Note: the inferred safety QA requirement is the complement: not implementing undesired functions

Software QA
Focus of safety software QA should be on the desired function
Requirements
–What is the intended function?
–How should the function be carried out?
–What are the constraints and assumptions?

Accelerators and Programmable Safety Systems
Using a systems approach where:
–Safety functions are identified and ranked
–Ranking triggers performance requirements for:
Management
Technical Staff
Hardware
Software
Lifecycle
Testing
Management of Change
End of Life

ISA/IEC Standards
IEC61511/ISA S84
–Defined from a safety function perspective
–Performance-based consensus standards
–Extensive requirements and guidance on software

Incorporation of System Safety Engineering
Higher level than functional safety standards
–ISO/IEC 15288:2002(E) – Systems engineering – system life cycle processes
–Defines processes for a ‘system of systems’
–Incorporates the human element

[Figure: system life cycle process diagram, from the INCOSE Systems Engineering Handbook v3.1; the diagram itself is not reproduced in the transcript]

Traditional QA applied to the Program
Process and methods to ensure the program is:
–Free from defects
–Dependable
–Maintainable
–Reviewable
–Testable
This has to do with requirements for the implementation, not the function. Do not confuse quality programming with quality software.
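The two preceding slides make a distinction that is easy to state and easy to get wrong in practice: "quality programming" checks that the program is defect-free, while "quality software" checks that it implements the intended function and nothing else (the complement noted on the Software QA slide). The following is an added illustration, written for this page and not code from the presentation, TJNAF, or any DOE facility. The beam-permit function, its three interlock inputs, and requirements R1/R2/A1 are invented for the example. It shows one requirement set written down, a fail-safe implementation beside a tidy but unsafe one, and a verification that enumerates the whole input space so the absence of an undesired function is demonstrated rather than assumed.

```python
from enum import Enum
from itertools import product

# Added illustration, not the presentation's code. The interlock names and
# requirements R1/R2/A1 below are invented for the example.


class Input(Enum):
    """State reported for one interlock input (constructed for this example)."""
    SAFE = "safe"      # sensor affirmatively reports the safe condition
    UNSAFE = "unsafe"  # sensor reports an unsafe condition
    FAULT = "fault"    # open circuit, stale data, out of range, no reading


# Hypothetical interlock inputs for a beam permit function.
EXPECTED_INPUTS = ("door_closed", "rad_monitor_ok", "key_inserted")

# R1 (intended function): grant beam permit when every expected input is SAFE.
# R2 (complement, the undesired function that must not exist): never grant
#     permit while any expected input is UNSAFE, FAULT, or absent.
# A1 (assumption): inputs arrive as a dict name -> Input; an absent name is
#     treated exactly like FAULT.


def beam_permit(inputs):
    """Safety-software version: permit only on affirmative SAFE from every input."""
    for name in EXPECTED_INPUTS:
        if inputs.get(name, Input.FAULT) is not Input.SAFE:
            return False
    return True


def beam_permit_naive(inputs):
    """'Quality programming' without quality software: clean, readable, and
    defect-free as a program, but it blocks only on an explicit UNSAFE, so a
    FAULT reading or a missing input still grants permit (violates R2 and A1)."""
    for name in EXPECTED_INPUTS:
        if inputs.get(name) is Input.UNSAFE:
            return False
    return True


def grants(permit_fn):
    """Every combination of input states for which permit_fn grants permit.
    The state space is small enough (3 inputs x 3 states = 27) to enumerate."""
    return {
        combo
        for combo in product(Input, repeat=len(EXPECTED_INPUTS))
        if permit_fn(dict(zip(EXPECTED_INPUTS, combo)))
    }


ALL_SAFE = tuple(Input.SAFE for _ in EXPECTED_INPUTS)


def undesired_grants(permit_fn):
    """Grants that violate R2. An empty set is the evidence that R2 holds."""
    return grants(permit_fn) - {ALL_SAFE}


def verify(permit_fn):
    """Check R1, R2 and A1 together; returns (r1_ok, r2_ok, a1_ok)."""
    r1_ok = ALL_SAFE in grants(permit_fn)
    r2_ok = not undesired_grants(permit_fn)
    partial = {n: Input.SAFE for n in EXPECTED_INPUTS[:-1]}  # one input absent
    a1_ok = not permit_fn({}) and not permit_fn(partial)
    return r1_ok, r2_ok, a1_ok


if __name__ == "__main__":
    for fn in (beam_permit, beam_permit_naive):
        print(fn.__name__, verify(fn), "undesired grants:", len(undesired_grants(fn)))
```

Both functions pass R1, and a unit test written only from the intended function ("all inputs safe gives permit") would accept either of them; only the exhaustive check against the complement separates the fail-safe version from the naive one. For a real interlock the state space is larger and the inputs are hardware signals, so the same argument is normally made with a reviewed truth table or a model checker rather than a Python loop, but the requirement being verified is the same one the slide names.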

Issues 1
–Can consensus standards like ISA S84/IEC61511 be used to meet the requirements of the QA Order (in the context of the Accelerator Safety Order)?
–Are there common hazard ranking levels at accelerator facilities?
–What are appropriate levels of review for accelerator safety system software?
–Should this issue be addressed in the ASO guidance?

Issues 2
–What is an acceptable level of competency at the various lifecycle stages?
–Are functional safety requirements enough? System safety?
–What are the implications of the general standard, IEC61508?
–How does one handle reconfigurable devices like Field Programmable Gate Arrays (FPGAs)?