Breakout Group 2: Software Quality Assurance Objectives and Goals 8/18/10 1.

Presentation transcript:

Breakout Group 2: Software Quality Assurance Objectives and Goals 8/18/10 1

Why Worry? Adapted from Computer Technik Magazine. Ritsch und Renn 8/18/10 2

Objectives
– Review 2009 Workshop Outcome.
– Three talks on SW QA activities at accelerator labs.
– Identify SW Assurance activities for high impact operations at Accelerator Facilities.
– Recommendations for incorporating value added SW Assurance activities into a revised ASO guidance document.
8/18/10 3

2009 ASW SQA Session
M. Cole. “DOE Accelerator Software and Quality Assurance”
– Injury, property damage, or program interruption are all credibly possible [outcomes] if software fails in the operation of an accelerator facility
– guidance is intended for nuclear facilities
– Address the synergism between safety, reliability, and quality
– Address the integration of the software with hardware and humans
– One may select a consensus standard that addresses the 10 criteria of 414.1C
A. Etkin. “Draft DOE Standard Application of Safety Instrumented Systems Used at DOE Non-Reactor Nuclear Facilities”
– Draft DOE Standard for use of programmable electronics in non-reactor nuclear safety systems
– Consolidation of information for SS & SC safety instrumentation and
– Safety Significant material Based on ANSI/ISAS
– Adds Alarm Functions, Fire Protection Systems, Systems that monitor start-up
8/18/10 4

Recommendations
SQA for software identified in ACE Program
– shall be developed using as guidance or be based on a consensus standard
– Authority needs to be established to identify/approve equivalent controls/processes when requirements cannot be implemented as written in order/standards
SQA for other software
– Should be risk based (Graded Approach)
– Specify minimum requirements, e.g. documented design criteria, configuration management, testing protocols
– Linked to the 10 basic QA criteria in 414.1C
Next revision of QA Order > 414.1D
– Addresses SQA in non-nuclear facilities (current status - comment resolution phase)
Suggested Action Plan: Assess implemented SQA program against requirements in revised order.
5

Ten SQA Work Activities from 414.1C.5d
(1) Software project management and quality planning
(2) Software risk management
(3) Software configuration management
(4) Procurement and supplier management
(5) Software requirements identification and management
(6) Software design and implementation
(7) Software safety
(8) Verification and validation
(9) Problem reporting and corrective action
(10) Training of personnel in the design, development, use, and evaluation of safety software
8/18/10 6

SQA for All
SQASG-TP REV. 0 (January, 2010) “Systematic Approach to Implementing the Quality Requirements of DOE O 414.1C for Software”
– Safety software, and
– All other software: Business, Science, Enterprise, Controls…
8/18/10 7

Software Quality Assurance  Software Assurance
NASA-STD (w/Change 1) July 28, 2004
“Software assurance consists of the following disciplines:
Software Quality
– Software Quality Assurance
– Software Quality Control
– Software Quality Engineering
Software Safety
Software Reliability
Software Verification and Validation (V&V)
Independent Verification and Validation (IV&V)”
8/18/10 8

New Risks
August 2006 – Network storm freezes PLC-based control at Browns Ferry. Non-safety control. (NRC INFORMATION NOTICE: )
June 2010 – Triple redundant processor has systematic software error. Fail Safe. Affected Safety Significant safety computer at SRS (Rockwell Product Notice – 8110)
July 2010 – Stuxnet Trojan used Windows vulnerability to infect Siemens PC-based software. Transferred through USB stick. No damage reported. (Siemens Support Entry ID: )
August 2010 – VxWorks (EPICS real-time operating system) security vulnerability identified by DHS. (CERT Advisory ICSA )
8/18/10 9

New Help Control Systems Security Program (CSSP) 8/18/10 10

Alignment with the Safety Order
DOE Responsibilities
Facility operations meet DOE mission and operational objectives
Operations comply with safety program and objectives
Ensure facility safety program incorporates:
– ASE and SAD
– clearly defined roles and responsibilities
– a configuration management process
– readiness review
– inventory of exempt accelerators
Major Constituents of the CRD
Accelerator Safety Envelope (ASE)
– Bounding conditions for safe operations
Safety Assessment Document (SAD)
– Describe Engineered and Administrative Controls
Unidentified Safety Issue (USI)
– Configuration Management
Accelerator Readiness Review (ARR)
– Contractor Assurance Process
– Configuration Management Program
– Administrative Processes Related to Accelerator Safety
8/18/10 11

Guidance Content Discussion forum 8/18/10 12

Outcome
Scott has asked that the breakout sessions produce a set of “outcomes” from the breakout sessions.
– Review Recommended Action Items
– Recommendations to DOE/Contractors
8/18/10 13