Back to home
 
Analysis and modelling of software in probabilistic safety assessment
 
HOLMBERG Jan-Erik1, BÄCKSTRÖM Ola2, and TYRVÄINEN Tero3
 
1. Risk Pilot AB, Rummunlyöjänkatu 11 G 45, FI-02600, Espoo, Finland (jan-erik.holmberg@riskpilot.fi)
2. Lloyd Register Consulting, Box 1288, SE-17225 Sundbyberg, Sweden (Ola.Backstrom@lr.org)
3. VTT: P.O.Box 1000, FI-02044 VTT, Finland (Tero.Tyrvainen@vtt.fi)
 
Abstract: Currently, no consensus approach is available for assessing safety and reliability of digital I&C at nuclear power plants. Due to the absence of a common method for modelling software failures in the probabilistic safety assessment (PSA), generic conservative common cause failure probabilities are usually used, which tend to be conservative and may ultimately prevent PSA results from providing proper risk insights.This paper presents a method for the quantification of software failures in a reactor protection system. The emphasis of the method is in the definition of the relevant software fault cases and related failure effects. Software fault cases are associated with different software modules, such as system software and application software modules. The approach for the reliability quantification is dependent on the type of module. The failure effects are divided into fatal failure and non-fatal failure of the processor. In the latter case, a specific I&C function is affected and the effect can be failure to actuate on demand or spurious actuation. To estimate the failure probability of a system software module operating experience may be used given that normal operation conditions correspond with transient conditions. For application software modules, indirect evidence needs to be used. The quantification is based on two main metrics: complexity of the application software and the degree of verification and validation of the software. The fractions between fatal vs. non-fatal failure as well as between failure to actuate and spurious actuation is based on expert judgement. The outlined quantification method offers a practical and justifiable approach to account for software failures that are usually ignored in current PSAs. Validation of the method will be a future activity.
Keyword: software reliability; probabilistic safety assessment; reactor protection system; nuclear safety 
 
      Click here for viewing full text.