New DOE Software Quality Assurance Requirements: Implications for Meteorological Software

Cliff Glantz, Pacific Northwest National Laboratory, [email protected], 509.375.2166

Presented at NUMUG 2006, St. Louis



Page 2: New DOE Software Quality Assurance Requirements

Overview

- Background information on the new DOE Software Quality Assurance (SQA) Order and Guide
- What type of software does this new Order impact?
- What will be required?
- What does this mean for DOE-related meteorological programs and vendors of meteorological software?

Page 3: New DOE Software Quality Assurance Requirements

Background Info

- Defense Nuclear Facility Safety Board (DNFSB) issued “Quality Assurance for Safety Related Software at Department of Energy Defense Nuclear Facilities” in January 2000
- Little progress was made in addressing issues raised by the DNFSB

Page 4: New DOE Software Quality Assurance Requirements

Background Info (cont)

- DNFSB issued Quality Assurance for Safety-Related Software in September 2002
- Calls for prompt actions in:
  - Defining SQA responsibility and authority
  - Recommending standards for computer codes used for safety analysis and design

Page 5: New DOE Software Quality Assurance Requirements

Implementation Plan for DNFSB Recommendation

- DOE accepted the DNFSB Recommendation in November 2002
- Issued Implementation Plan in March 2003
- Prepared and issued an SQA Order and Guide for Safety Software in the summer of 2005

Page 6: New DOE Software Quality Assurance Requirements

Safety Software is Defined to Include:

(1) Safety System Software. Software for a nuclear facility that performs a safety function as part of a structure, system, or component (SSC).

(2) Safety and Hazard Analysis Software and Design Software. Software that is used to classify, design, or analyze nuclear facilities. This software helps to ensure the proper accident or hazards analysis of nuclear facilities or an SSC that performs a safety function

Page 7: New DOE Software Quality Assurance Requirements

Safety Software defined (continued)

(3) Safety Management and Administrative Controls Software. Software that performs a hazard control function in support of nuclear facility or radiological safety management programs or technical safety requirements or other software that performs a control function necessary to provide adequate protection from nuclear facility or radiological hazards. This software supports eliminating, limiting, or mitigating nuclear hazards to workers, the public, or the environment…

Page 8: New DOE Software Quality Assurance Requirements

Application of the SQA Order

SQA requirements apply to consequence assessment models used for:

- hazards assessment/safety planning purposes.
- emergency response purposes and provide a direct hazard control function. These are models used to make protection action recommendations (PARs), such as HOTSPOT, EPI, ALOHA,…

Page 9: New DOE Software Quality Assurance Requirements

Application (cont)

SQA requirements appear to apply to meteorological software that is used to:

- provide data/information used in a safety or hazard analysis
- provide data used in emergency preparedness and response, fire protection, waste management, or radiological protection.

Page 10: New DOE Software Quality Assurance Requirements

Applications (cont)

Applicable meteorological software is used to:

- measure, process, store, and communicate data at meteorological monitoring locations
- process, store, and communicate meteorological data at central weather stations or data repositories
- process, store, and display meteorological data at Emergency Operation Centers.

Page 11: New DOE Software Quality Assurance Requirements

SQA Requirements in a Nutshell

Five types of software are mentioned in the Order:

1. Custom developed
2. Configurable
3. Acquired (includes commercial off-the-shelf meteorological software)
4. Utility calculations
5. Commercial design and analysis tools.

For each type of software, three different levels (A, B, or C) can be assigned based on how the software is being used.

Ten work activities are required. Depending on the assigned SQA level, a full or graded approach to the work activity is required.

Page 12: New DOE Software Quality Assurance Requirements

| Work Activities | Custom A | Custom B | Custom C | COTS A | COTS B | COTS C |
|---|---|---|---|---|---|---|
| 10. Training of Personnel | FULL | FULL | GRADE | FULL | FULL | GRADE |
| 9. Problem Reporting & Corrective Action | FULL | FULL | FULL | FULL | FULL | GRADE |
| 8. Verification & Validation | FULL | GRADE | GRADE | FULL | GRADE | GRADE |
| 7. Software Safety Design | FULL | FULL | GRADE | FULL | FULL | GRADE |
| 6. Software Design & Implementation | FULL | FULL | FULL | NA | NA | NA |
| 5. Software Requirements Identification and Management | FULL | FULL | FULL | FULL | FULL | FULL |
| 4. Procurement & Vendor Mgmt | FULL | FULL | FULL | FULL | FULL | FULL |
| 3. Software Configuration Mgmt | FULL | FULL | GRADE | FULL | FULL | GRADE |
| 2. Software Risk Management | FULL | GRADE | GRADE | FULL | GRADE | GRADE |
| 1. Software Project Management and Quality Planning | FULL | FULL | GRADE | GRADE | GRADE | GRADE |

Page 13: New DOE Software Quality Assurance Requirements

DOE/EH SQA Webpage

http://www.eh.doe.gov/sqa/dir.htm

Page 14: New DOE Software Quality Assurance Requirements

What Does this Mean for Vendors?

- DOE customers may be coming back to you for additional information on your SQA practices and documentation
- DOE customers will be asking more of you in the SQA arena when they acquire new software
- A vendor’s existing SQA program may be sufficient to meet DOE needs.
- Vendors should review the DOE SQA Order and Guide to prepare for questions their DOE customers may have.

Page 15: New DOE Software Quality Assurance Requirements

Conclusions

- DOE Sites will need to make sure that their meteorological software complies with the DOE SQA Order and Guide.
- Software vendors will be asked to provide documentation to ensure that their software design, development, testing, and maintenance program is in compliance with the SQA Order and Guide.