Upload
wilfred-simpson
View
219
Download
0
Embed Size (px)
Citation preview
1
File:
The OECD Halden Reactor Project
The OECD Halden Reactor Project (HRP) is an International Research Project between 19 countries in Europe, America and Asia
Two main research areas:– Fuel research at the Halden Boiling Water Reactor– Safety - MTO (Man-Technology-Organisation), with
emphasis on computer applications and human factor research
2
File:
Software Verification and Validation at the Halden Project
A main research activity is the safe use of computers for control and supervision of nuclear power plants.HRP has for thirty years worked in the area of software dependability, focusing on- fault avoidance· quality assurance principles· formal development methods- fault detection,· static analysis· testing- fault tolerance,· diversity· safety checks·- reliability and safety assessment
3
File:
Questions/Problems
Deryk has asked us to give comments to four questions /problems.
These are difficult questions to answer, in particular in less than 5 minutes.
I will rather comment on them with reference to related activities at the Halden Project
4
File:
Safety Justification
How to construct a safety justification for programmable systems important to safety?
Safety justification will be based on a variety qualitative and quantitative evidences.
At Halden we have in an experiment tried combine these evidences using Bayesian Belief Nets
5
File:
Assessment based on disparate sources
Four quality aspects are combined with other nodes in the net and lead to a node representing the prior reliability of the system.
Quality of Producer
Quality of Product
Quality of Analysis
Quality of Process
Solution Complexity
Problem Complexity
Prior reliability
6
File:
Combining prior reliabilty with quantitative data
PRODUCTCHARACTERISTICS
DEVELOPMENTPROCESS
OPERATIONAL EXPERIENCETESTING
PRIOR RELIABILITY
POSTERIOR RELIABILITY
Halden
VTT
7
File:
Justification criteria
System reliability
Hazard/risk analysis
Safety defences
Plant PSA
Other acceptance criteria
Justification for safety critical application
Safety assessment Security
aspects
Legal aspects
Political aspectsRisk
reduction
8
File:
Requirements Specification
How to make the requirements specification accurate and cost-effective - especially at the interfaces between the supplier, user and regulator?We are participating in a Nordic project on requirements specification.Emphasis on traceability between
– different requirements– requirements in different versions – requirements and their realisation.
Adaption to different levels of formality.
This will aid the configuration management of the requirement specification and their realisation.
9
File:
COTS
How to provide sufficient evidence of 'off-the shelf' product quality for applications important to safety?
Data on producer pedigree may be available
A ’good’ vendor may provide principles for production
Difficult to get detailed information about development process.
User experience and operational data would be useful, but often not available.
It may be useful to divide COTS based systems into smaller components and estimate reliability of them,
and then use conventional reliability analysis methods.
10
File:
Licensing programmable or 'smart' devices
Licensing aspects of programmable or 'smart' devices for the nuclear industry - what issues should future research resolve.
Related to statements on justification and COTS.
For software safety critical 'smart' devices, where no information about development and code is available,
It may be necessary to analyse the machine code.
Tools for program analysis based on machine code was made in the SOSAT project with TüV, ISTec and Halden.