2_arndt - nrc digital i&c iaea 2008 rev 1
8/7/2019 2_Arndt - NRC Digital I&C IAEA 2008 rev 1
http://slidepdf.com/reader/full/2arndt-nrc-digital-ic-iaea-2008-rev-1 1/39
Key Issues and Lessons Learned
Associated with the Licensing of U.S.
Digital Instrumentation and Control
System Upgrades
IAEA Meeting
November 3-6, 2008
Steven A. Arndt
Office of Nuclear Reactor Regulation
NRC Mission
License and regulate the Nation’s civilian use of byproduct, source, and special nuclear materials to ensure adequate protection of public health and safety, promote the common defense and security, and protect the environment.
NRC Regulatory Functions
• Establish standards, regulations and requirements
• Issue licenses for nuclear facilities and users of nuclear materials
• Inspect facilities and users of nuclear materials to ensure compliance with requirements
NRC Organization
• Two Major Programs
– Nuclear Reactor Safety Program
  • Accounted for 80% of NRC’s costs in FY 2008
– Nuclear Materials and Waste Safety Program
  • Accounted for 16% of NRC’s costs in FY 2008
Operating Power Reactors
Research & Test Reactors
Potential New Reactor Applicants
New Reactor Licensing Applications (Site and Technology Selected)
An estimated schedule by Fiscal Year (October through September), 10/3/2008
[Figure: schedule chart covering fiscal years 2005 through 2014. Legend: Design Certification (Projected / Received); Early Site Permit (Projected / Received); Combined License (Projected / Received); Unspecified; Hearing; Post SER/EIS Hearing (other hearing activities occur during ESP/COL safety and environmental reviews). Number in ( ) next to COL name indicates number of units/site. Row labels recoverable from the chart: Clinton ESP; Duke ESPs (2); Unannounced Applicant ESP; Unannounced - TBD; Blue Castle Project - Utah. Submittal Dates TBD.]
NOTE: Schedules depicted for future activities represent nominal assumed review durations based on submittal time frames in letters of intent from prospective applicants. Actual schedules will be determined when applications are docketed.
The NRC Fiscal Year 2009 (NUREG-1100, Vol-24, pg. 24) establishes the budget for the new reactor program. This budget provides resources for the continuation of the licensing reviews that started in FY 2008 and the performance of the COL acceptance reviews included in the FY 2009 budget. After completion of these acceptance reviews, the initiation of the licensing reviews will begin within an 8-month time frame.
Current Technology
Future Technology
Key Challenges
• Reactors in the US were designed and constructed with analog instrumentation and control systems
• Anticipating future needs
– New Reactors, Operating Reactors Upgrades, Fuel Cycle Facilities
– Evolving technology
• Increased complexity
– Consolidation of discrete analog functions into single digital system
– Potential consolidation of independent safety systems into a single digital system
– Potential new failure modes
• Limited operational history in nuclear applications
Digital Project
• November 8, 2006, Commission briefing
• Digital I&C Steering Committee
• Digital I&C Project Plan
– Enhancing regulatory transparency and predictability and staff review efficiency and effectiveness through refined regulatory guidance
– Improving stakeholder interactions
• Maximizing value of domestic and international interactions
Regulatory Framework
• EPRI TR-106439, Guideline on Evaluation and Acceptance of Commercial Grade Digital Equipment for Nuclear Safety Applications
• 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities, May 13, 1999
• 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants
• 10 CFR Part 50, Appendix A, General Design Criteria for Nuclear Power Plants
• NUREG-0800 Rev. 5, March 2007, Standard Review Plan
• Branch Technical Position HICB-14, Guidance on Software Reviews for Digital Computer Based Instrumentation and Control Systems
• USNRC Reg Guide 1.169, Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• USNRC Reg Guide 1.170, Software Test Documentation for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• IEEE 828-1990, Standard for Software Configuration Management Plans
• IEEE 829-1983, Standard for Software Test Documentation
• USNRC Reg Guide 1.171, Software Unit Testing for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• IEEE 1008-1987, Standard for Software Unit Testing
• USNRC Reg Guide 1.172, Software Requirements Specifications for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• IEEE 830-1993, Recommended Practice for Software Requirements Specification
• USNRC Reg Guide 1.173, Developing Software Life Cycle Processes for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• IEEE 603-1991, Standard Criteria for Safety Systems for Nuclear Power Generating Stations
• USNRC Reg Guide 1.153, Criteria for Power, Instrumentation, and Control Portions of Safety Systems
• USNRC Reg Guide 1.152, Criteria for Programmable Digital Computer System Software in Safety Systems of Nuclear Power Plants
• ASME NQA-2a-1990, Part 2.7, Quality Assurance Requirements of Computer Software for Nuclear Facility Applications
• IEEE 7-4.3.2-2003, Standard Criteria for Digital Computers in Safety Systems
• USNRC Reg Guide 1.118, Periodic Testing of Electrical Power and Protection Systems
• IEEE 338-1987, Criteria for the Periodic Surveillance Testing of Nuclear Power Generating Stations Safety Systems
• IEEE 1074-1995, Standard for Developing Software Lifecycle Processes
• IEEE 279-1971, Criteria for Protection Systems for Nuclear Power Generating Stations
• IEEE 1012-1986, Standard for Software Verification and Validation Plans
• IEEE 1012-1998, Standard for Software Verification and Validation
• USNRC Reg Guide 1.168, Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants
• IEEE 1028-1988, Standard for Software Reviews and Audits
• USNRC RIS 2002-22, Use of NUMARC/EPRI TR-102348 in Determining the Acceptability of Performing Analog to Digital Replacements Under 10 CFR 50.59
• EPRI TR-102348, Guideline on Licensing Digital Upgrades
• ASME NQA-1-1983, Quality Assurance Program Requirements for Nuclear Facilities
Digital I&C Project Structure
Digital I&C Steering Committee
Task Working Groups
• Cyber Security
• Risk-Informed Digital I&C
• Diversity and Defense-In-Depth
• Licensing Process Issues
• Highly-Integrated Control Room – Human Factors
• Highly-Integrated Control Room – Communications
• Fuel Cycle Facilities
Industry Contacts
NRC Line Organizations
Task Working Groups
• Cyber Security
– Resolve inconsistencies within existing NRC and industry cyber security documents
• Diversity and Defense-In-Depth
– Identify acceptable diversity and defense-in-depth strategies (D3) and provide clarification on incorporation of D3 in digital safety systems that will provide more transparent and predictable reviews
• Risk-informed Digital I&C
– Provide guidance as to what is needed for digital system modeling in Part 52 licensing
– Determine how and if risk-insights can be used to assist in resolution of key digital issues
Task Working Groups
• Highly Integrated Control Room – Communications
– Provide industry and NRC guidance that defines at a sufficient level of detail the expectation for inter-divisional communications independence
• Highly Integrated Control Room – Human Factors
– Provide human factors engineering regulatory positions, guidance, and acceptance criteria to address new aspects of digital control room displays and controls
• Licensing Process Issues
– Identify licensing process protocols for submittal and review of new digital technology applications
• Fuel Cycle Facilities
– Develop guidance for digital I&C for fuel cycle facilities
Interim Staff Guidance
• Status of First ISGs
– Diversity and Defense-in-Depth: Complete (9/26/07)
– Highly Integrated Control Rooms – Communication: Complete (9/28/07)
– Highly Integrated Control Rooms – Human Factors: Complete (9/28/07)
– Cyber Security: Complete (12/31/07)
– Risk Informing Digital I&C, Guidance for Reviewing New Reactors: Complete (8/11/08)
– Licensing Process (excluding Cyber): Scheduled to be issued 2/28/09
– Fuel Cycle Facilities: Scheduled to be issued 2/28/09
• Completed Interim Staff Guidance is available on the NRC Public Web site: http://www.nrc.gov/reading-rm/doc-collections/isg/digital-instrumentation-ctrl.html
Interim Staff Guidance
• Status of Additional ISGs
– Highly Integrated Control Rooms – Human Factors
  • Manual Operator Action (Scheduled to be issued 10/08)
  • Safety Parameter Display System (TBD)
  • Graded Approach to Human Factors (TBD)
– Risk Informing Digital I&C
  • Applying Risk Insights to operating and new reactors (TBD)
  • State-of-the-Art (TBD)
– Fuel Cycle Facilities
  • Cyber Security (02/09)
  • Adequate Diversity and Defense-in-Depth (02/09)
  • Criticality Safety, Independence and Double Contingency (02/09)
  • Isolation, Separation and Protection of Digital I&C Systems (02/09)
  • Common Cause Software Failures (02/09)
• Longer Term Actions
  • Development of SRP and Regulatory Guide Revision
Diversity and Defense-in-Depth (D3)
1. Adequate diversity
2. Manual operator actions
3. BTP 7-19 Position 4 challenges
4. Effects of common cause failures (CCFs)
5. CCF applicability
6. Echelons of defense
7. Single failure
Diversity and Defense-in-Depth (D3)
• Adequate Diversity
– Additional clarity is desired on what constitutes adequate D3. Determine how much D3 is enough.
• Manual Operator Actions
– Clarification is desired on the use of operator action as a defensive measure and corresponding acceptable operator action times.
• Interim Staff Guidance
– There is no distinction in D3 guidance for digital Reactor Protection System (RPS) designs for new/future nuclear power plants and current operating plants.
– While CCFs in digital systems are beyond design basis, the digital RPS should be protected against CCFs.
– A D3 analysis should be performed to demonstrate that vulnerabilities to CCFs have been adequately addressed.
Diversity and Defense-in-Depth (D3)
• Interim Staff Guidance (cont.)
– Where the protective action that should have been automatically performed by the system subject to CCF is required in less than 30 minutes to meet the BTP 7-19 acceptance criteria, an independent and diverse automated backup, achieving the same or equivalent function, should be provided.
– This automated backup guidance does not apply to follow-on actions that are handled in a manual fashion.
– In addition, a set of displays and controls (safety or non-safety) should be provided in the main control room for manual actuation and control of safety equipment to manage plant critical safety functions.
• Bases for 30-minute Operator Action Time
– Minimizing operator burden under the conditions of a digital system CCF
– Past regulatory decisions
– Regulatory practices applied in the international community
– Engineering judgment
Communications
• Areas of Interest
– Interdivisional Communications
– Command Prioritization
– Multidivisional Control and Display stations
– Digital System Network Configuration
• ISG has one section for each of the first three areas; the last area is addressed in the sections devoted to the other areas
Human Factors
• Minimum Inventory
– Better describe the process for developing and the actual minimum inventory of alarms, controls, and displays
• Interim Staff Guidance
– Applicable only to new reactors
– Identifies
  • Selection criteria
  • Process development considerations
  • Verification
– Two step process consistent with the design acceptance criteria concept
• Computer-Based Procedures
– Develop review guidance and acceptance criteria for review of computerized procedures and associated soft controls
• Interim Staff Guidance
– Paper and computer based procedures can be essentially the same
– Computer-based procedures should not limit the control or situation awareness of the procedure user
– Computer-based procedures can incorporate different levels of automation
Review of New Reactor Digital I&C PRAs
• Areas of Interest
– Clarify the use of current methods for modeling digital systems required by 10 CFR Part 52 PRAs
– Where possible, use risk-insights to improve operating reactor DI&C reviews
– Determine if it is necessary to enhance the state-of-the-art so that a comprehensive, risk-informed decision-making process for licensing DI&C systems can be developed
• Challenges in risk-informing DI&C
– Lack of consensus on how to model DI&C systems and their unique failure modes including common cause failures (CCFs)
– Lack of robust data with which to model DI&C system faults and CCFs
– Uncertainties
– Linking the DI&C system Probabilistic Risk Assessment (PRA) with the rest of the PRA
Review of New Reactor Digital I&C PRAs
• Interim Staff Guidance was developed to address the first area
• Interim guidance for review of new reactor DI&C PRAs was developed using
– Previous NRC licensing experience
– Industry white papers outlining proposed current methods and lessons learned
– NRC review of current guidance and methods
– Input from other industries/organizations
• Interim Staff Guidance
– Outlines various attributes and risk insights to help a reviewer identify, at a high level, any potential risk-significant problems in a DI&C implementation
– Provides guidelines for DI&C PRA review for situations where either detailed or limited review is required
– Appendix A provides additional risk insights from previous reviews of new reactor DI&C risk assessments
Review of New Reactor Digital I&C PRAs
• Based on PRA reviews the NRC has previously performed on new reactor DI&C systems and recent research activities, 12 review guidelines are for a basic review including:
– PRA quality
– Failure modes
– CCF – software and hardware
– Uncertainties – modeling, data
– Environment
– External events
– Assumptions
– Recovery actions
– Contribution of software failures
– Data
– Monitoring programs
Review of New Reactor Digital I&C PRAs
• Ten additional steps, as applicable, are included if a more detailed review is needed (e.g., through field audits) including:
– Dependencies
– Spurious actuation
– Additional review of CCF
– Design features
– Communications
– Additional review of data
– Dynamic effects
– Target reliability and availability
Cyber Security
• Issue was industry concerns of possible conflicts between Regulatory Guide (RG) 1.152 Rev 2, “Criteria For Use Of Computers In Safety Systems Of Nuclear Power Plants” and NEI 04-04 Rev 1 “Cyber Security Program for Power Reactors”.
– Reg. Guide 1.152 (Rev 2) to endorse the updated IEEE Std. 7-4.3.2-2003. Reg. Positions 2.1 thru 2.9 to provide specific guidance concerning computer safety system cyber security.
• Analysis revealed some gaps and some overlaps but no inconsistencies/conflicts between RG 1.152 Rev 2 and NEI 04-04 Rev 1. Rather, the two documents are complementary.
– Industry committed to revise NEI 04-04 Rev 1 to better incorporate cyber security guidance for safety-related systems
• 10 CFR 73.55 will include provisions for cyber security of critical digital systems at power reactors, such as safety systems, security systems, and emergency preparedness systems.
Cyber Security
• ISG clarifies the NRC staff’s guidance with regard to implementation of cyber security requirements for nuclear power plant safety systems
• The ISG includes a cross-correlation table to facilitate licensing process when using draft NEI 04-04 Rev 2 in lieu of RG 1.152 Rev 2

RG 1.152 Rev. 2 Criteria:
2.2.2 Development Activities C1. The development process should ensure the system does not contain undocumented code (e.g., back door coding), malicious code (e.g., intrusions, viruses, worms, Trojan horses, or bomb codes), and other unwanted and undocumented functions or applications.

Corresponding Draft NEI 04-04 Rev. 2 Criteria:
Development Activities C1. NEI 04-04 Appendix D, page D-3, Section 2 Design Control Procedures, Bullet 3, Sub-bullet 5: “Development process should ensure that no undocumented code – backdoors, malicious codes (viruses, worm Trojans, etc.) or undocumented functions are introduced.”
Fuel Cycle Facility
• Guidance for reviewing adequacy of cyber security protective measures
• Clarifies adequate diversity and defense-in-depth design features
• Guidance on channel independence for criticality and non-criticality related safety actions
• Guidance on separation of safety-related functions from non-safety related functions in common operator interface devices
• Clarifies acceptable use of software for safety functions to minimize common cause failures
Lessons Learned
Operating Reactors
• New technology under review
– FPGA based safety system
– Additional Digital Safety System Platform topical reports
– Priority Logic Module
• Challenge associated with differences between operating reactor (Part 50) and new reactor (Part 52) reviews
– Level of detail and schedule needed to approve the application and maintain technical consistency
Lessons Learned
New Reactors
• New technology under review similar to operating reactors
• Challenges for new reactor licensing
– Level of design detail in conjunction with the use of I&C design acceptance criteria (DAC) by applicants
  • The use of DAC challenges the level of design detail in all new reactor design centers
  • Driving a large number of requests for additional information
  • Some technical areas may be addressed by DAC but a certain level of information is needed in the application even with the use of DAC.
– First-of-a-kind technical reviews
– Dual applicability of reviews to new and current reactors
– Proposed alternatives to staff guidance by the applicants
Operating Experience
• National and international databases
• Level of detail not yet sufficient for revising guidance based on operating experience
• Reviewing additional nuclear and non-nuclear data to identify insights that can be used to update regulatory guidance
Recent Review Experience
• Vendor LTR Submittal
– Unendorsed standards were used to qualify the safety system. DO-254 (FAA standard) was used instead of IEEE 7-4.3.2
– License amendment mischaracterized FPGA system as being a “Non-Digital / Not software based System”
– Incorrect Commercial Grade Dedication guidance used
– Insufficient D3 Analysis performed
– Software Tools Requirements not met
Recent Review Experience
• Licensee LAR Submittal
– D3 Analysis does not conform to ISG-02 guidance for Manual Operator action time.
– Documentation not provided to support ISG-04 Guidance for Bi-directional communications for communications between SR and NSR systems.
– An un-approved Topical Report was referenced.
– Insufficient documentation of changes made to procedures referenced by the Reference ATR.
– Insufficient documentation provided to support exception to V&V standard position held by applicant.
Software Tools
• Tool usage for V&V activities
• Qualification Requirements for Tool itself
• Degree of V&V required for Output of Tool
Reference IEEE 7-4.3.2 section 5.3.2 Software Tools;
Qualification Issues
Moving Forward
• The ISGs will be formalized through Regulatory Guides, NUREGs, and/or SRPs
• NRC will continue to work closely with key stakeholders to address key high-priority issues in a timely manner
• NRC will use the ISGs as part of the review process for future applications and feed back lessons learned as input for improving the guidance as it is formalized
• NRC is continuing to conduct independent research to support continued improvement of its regulatory guidance and work with industry researchers as appropriate
• NRC staff will continue to engage with domestic and international nuclear community and other industries to gain relevant operating experience and to cooperate on future activities in digital I&C