Protection System Software Research Articles

Reactor protection system software test-case selection based on input-profile considering concurrent events and uncertainties

Recently, the input-profile-based testing for safety critical software has been proposed for determining the number of test cases and quantifying the failure probability of the software. Input-profile of a reactor protection system (RPS) software is the input which causes activation of the system for emergency shutdown of a reactor. This paper presents a method to determine the input-profile of a RPS software which considers concurrent events/transients. A deviation of a process parameter value begins through an event and increases owing to the concurrent multi-events depending on the correlation of process parameters and severity of incidents. A case of reactor trip caused by feedwater loss and main steam line break is simulated and analyzed to determine the RPS software input-profile and estimate the number of test cases. The different sizes of the main steam line breaks (e.g., small, medium, large break) with total loss of feedwater supply are considered in constructing the input-profile. The uncertainties of the simulation related to the input-profile-based software testing are also included. Our study is expected to provide an option to determine test cases and quantification of RPS software failure probability.

Estimation of reactor protection system software failure probability considering undetected faults

Over the years, the probabilistic safety assessment (PSA) of digital reactor protection systems (RPSs) has been a field of research because of the ambiguity over the mechanism of the software failure and quantification of the failure probability. Currently, the software failure probability in the PSA of a nuclear power plant (NPP) is determined mostly based on expert elicitation. Although a number of software reliability assessment methods are available, none of them appears to be compatible to assess the failure probability of safety grade software in an NPP. Quantification of the software reliability becomes challenging, especially when the software reveals no test failures. This paper proposes an integrated approach for an estimation of the probability of failure on demand of safety critical software considering its undetected residual faults. In the proposed approach, the software reliability can be quantified by incorporating the BBN modeling approach, test results, and operational experiences. A case study is also presented by employing the proposed method. The proposed approach is expected to be helpful for a probabilistic safety analysis of a digital I&C system.

Automated test case generation for FBD programs implementing reactor protection system software

SUMMARYAutomated and effective testing for function block diagram (FBD) programs has become an important issue, as FBD is increasingly used in implementing safety‐critical systems. This work describes an automated test case generation technique for FBD programs and its associated tool—FBDTester. Given an FBD program and desired test coverage criteria, FBDTester generates test requirements and invokes the Satisfiability Modulo Theories solver iteratively to derive a set of test cases. An industrial case study using reactor protection system software shows that the automatically generated test suites detected at least 82% of the known faults, whereas manually generated test cases only detected approximately 35%. Mutation analysis revealed that the automatically generated test suites substantially outperformed manually generated ones. Although test sequence generation requires some manual effort in the current FBDTester, it is apparent that the proposed approach significantly improves the efficiency and the reliability of FBD testing. Copyright © 2014 John Wiley & Sons, Ltd.

Software for protection system of VR-1 training reactor

The article deals with the software for a new protection system of the VR-1 training reactor which consists of the independent power protection and the operational power measuring systems. Both systems are computer-based, and they are diverse in sensors, hardware and software. They are responsible for nuclear safety of the reactor, so the quality requirements for their software are strict. The software was developed in accordance with nuclear standards. During the development, both software products were carefully tested, and after the integration of hardware/software, they were validated with the simulation of input signals and the checking of their responses.

Verification Method of Software for Microprocessor-Based Protection System of Nuclear Power Plants

This paper proposes a new concept for efficient verification of software for the protection systems of nuclear power plants. In this idea, all possible input combinations are applied to each module comprising the software and the module responses are compared with their correct responses which are provided beforehand. To realize the concept, algorithms have been developed for observing module responses through an external tester and for generating a quasi minimal test pattern set capable of testing all modules. This approach remarkably reduces the number of required test input combinations in comparison with that of the combinations without observation of module outputs. In addition, most software errors are expected to be uncovered more efficiently with less effort and time.

Experience from Quality Assurance in Nuclear Power Plant Protection System Software Validation

Validation of a digital computer program to be used in a nuclear power plant protection system must meet quality assurance requirements. Digital systems have not traditionally been used on nuclear reactor protection systems. Licensing of digital system software requires providing assurance that the software performs its intended function. To provide added assurance, the Babcock and Wilcox Company performed software validation on the digital program intended for use on a protection system. Software validation of the Reactor Protection System-II digital program presented a multi-faceted challenge. Quality assurance requirements were imposed on the project. Certain validation ground rules were specified. No known methods existed for proving program correctness for nontrivial software. No precedence had been set to estimate the quality or quantity of testing required as a method of validation. Project schedule constraints were imposed. The need for more documentation than normally furnished was recognized, but how much and what kind was not clear. This paper relates how this challenge was met through a discussion of how the project was performed and the lessons learned through those experiences. A test method was devised within validation ground rules and project schedule constraints to validate that software performed the specified functions. Orderly methods of testing and evaluating were implemented and documented in compliance with a plan to provide auditable, traceable evidence of the validation effort and the digital component program performance.