B. Volochiy, O. Mulyak, L. Ozirkovskyi, V. Kharchenko
Title: Automation of Quantitative Requirements Determination to Software Reliability of Safety Critical NPP I&C Systems
Venue: 2016 Second International Symposium on Stochastic Models in Reliability Engineering, Life Science and Operations Management (SMRLO)
Published: 2016-02-15
DOI: 10.1109/SMRLO.2016.62 (https://doi.org/10.1109/SMRLO.2016.62)
Citations: 7
Abstract
Providing a high level of availability for the Instrumentation and Control (I&C) systems of Nuclear Power Plants (NPP) is highly important. The availability of critical NPP I&C systems depends on the reliability behaviour of both hardware and software. High availability of the I&C system is ensured by the following measures: structural redundancy with a choice of I&C system configuration (two comparable sub-systems within the I&C system, majority voting "2oo3", "2oo4", etc.); maintenance of the I&C system, which implies repair (replacement) of non-operational modules; N-version programming; software updates; and automatic software restart after temporary interrupts caused by hardware faults. This paper addresses the following case: the configuration of the fault-tolerant I&C system is chosen with known hardware reliability indexes (failure rate and temporary failure rate), and the hardware maintenance strategy (mean time to repair, number of repairs) is specified. Under these circumstances it is important to determine quantitative requirements for software reliability: the number of software updates during operation of the I&C system, the acceptable duration of development of a new software version, the acceptable duration of the automatic software restart, and the acceptable failure rate of each software version. The values of these operational software parameters are determined for the specified availability level of the I&C system. The planned number of software updates determines the duration of testing needed to identify and correct design faults: testing of a software version continues until the prediction model shows a specified number of hidden (undetected) design faults remaining. To solve this problem, an availability model of the fault-tolerant I&C system was developed in the form of a discrete-continuous stochastic system. We have estimated the influence of the I&C system configuration on the operational software parameters.
Two configurations of I&C system are considered in this paper: two comparable sub-systems within the I&C system, and an I&C system with "2oo3" majority voting.
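As an added illustration (not the paper's own model or data), the following Python script builds a simplified version of the availability model the abstract describes: a k-out-of-n group of I&C channels, each of which can fail permanently (repaired by a single crew with the given mean time to repair), suffer a temporary hardware fault, or suffer a software failure (both of the latter recovered by an automatic restart of that channel), solved as a continuous-time Markov chain. It then inverts the model, searching for the largest software failure rate per version that still meets a target availability, which is the kind of quantitative software requirement the abstract talks about. All parameter values, the assumption that a software failure takes down one channel at a time (as it would with N-version programming rather than a common-mode design fault), and the reading of "two comparable sub-systems" as a 1oo2 group are assumptions made for this example.

```python
"""Added example: steady-state availability of a k-out-of-n I&C channel group
(hardware failures and repair, temporary hardware faults, software failures and
automatic restart) as a continuous-time Markov chain, and the largest software
failure rate that still meets an availability target.

Simplified illustrative model with constructed parameter values; it is not the
model or the data of the paper.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Params:
    lam_hw: float     # permanent hardware failure rate per channel, 1/h
    lam_tmp: float    # temporary hardware fault rate per channel, 1/h (forces a restart)
    mttr: float       # mean time to repair a permanent failure, h (one repair crew)
    t_restart: float  # mean duration of an automatic software restart, h
    lam_sw: float     # software failure rate per channel, 1/h (quantity to bound)


def transitions(state, p):
    """Outgoing transitions of state (u, r, f): channels up / restarting / failed."""
    u, r, f = state
    return [
        ((u - 1, r + 1, f), u * (p.lam_tmp + p.lam_sw)),        # up -> restarting
        ((u + 1, r - 1, f), r / p.t_restart),                   # restart done; channels restart in parallel
        ((u - 1, r, f + 1), u * p.lam_hw),                      # up -> failed (permanent fault)
        ((u + 1, r, f - 1), (1.0 / p.mttr) if f > 0 else 0.0),  # single crew repairs one channel at a time
    ]


def reachable_states(n, p):
    """States reachable from all-channels-up; dropping the rest keeps the chain irreducible."""
    start = (n, 0, 0)
    seen, todo = {start}, [start]
    while todo:
        s = todo.pop()
        for to, rate in transitions(s, p):
            if rate > 0 and to not in seen:
                seen.add(to)
                todo.append(to)
    return sorted(seen)


def stationary(Q):
    """Solve pi Q = 0 with sum(pi) = 1 by Gaussian elimination with partial pivoting."""
    m = len(Q)
    A = [[Q[i][j] for i in range(m)] for j in range(m)]  # rows of A are columns of Q
    b = [0.0] * m
    A[-1], b[-1] = [1.0] * m, 1.0                         # replace one redundant row by normalisation
    for c in range(m):
        piv = max(range(c, m), key=lambda row: abs(A[row][c]))
        A[c], A[piv], b[c], b[piv] = A[piv], A[c], b[piv], b[c]
        for row in range(c + 1, m):
            fac = A[row][c] / A[c][c]
            for col in range(c, m):
                A[row][col] -= fac * A[c][col]
            b[row] -= fac * b[c]
    pi = [0.0] * m
    for row in range(m - 1, -1, -1):
        pi[row] = (b[row] - sum(A[row][col] * pi[col] for col in range(row + 1, m))) / A[row][row]
    return pi


def availability(n, k, p):
    """Steady-state probability that at least k of the n channels are up."""
    st = reachable_states(n, p)
    idx = {s: i for i, s in enumerate(st)}
    Q = [[0.0] * len(st) for _ in st]
    for s, i in idx.items():
        for to, rate in transitions(s, p):
            if rate > 0:
                Q[i][idx[to]] += rate
                Q[i][i] -= rate
    pi = stationary(Q)
    return sum(pi[i] for s, i in idx.items() if s[0] >= k)


def max_software_failure_rate(n, k, p, target, iters=100):
    """Largest lam_sw (1/h) with availability >= target, found by bisection (availability
    decreases monotonically in lam_sw). Returns None if even fault-free software cannot
    reach the target, i.e. the hardware configuration itself is inadequate."""
    assert 0.0 < target < 1.0
    lo, hi = 0.0, 1.0
    if availability(n, k, replace(p, lam_sw=lo)) < target:
        return None
    while availability(n, k, replace(p, lam_sw=hi)) >= target:
        hi *= 2.0  # widen the bracket until the target is violated
    for _ in range(iters):
        mid = (lo + hi) / 2.0
        if availability(n, k, replace(p, lam_sw=mid)) >= target:
            lo = mid
        else:
            hi = mid
    return lo


if __name__ == "__main__":
    # Constructed values: hardware MTBF ~11 years, one temporary fault per ~10^4 h,
    # 24 h repair, 6 min restart. Not data from the paper.
    base = Params(lam_hw=1e-5, lam_tmp=1e-4, mttr=24.0, t_restart=0.1, lam_sw=0.0)
    target = 0.9999
    for n, k, label in ((3, 2, "2oo3 majority voting"), (2, 1, "two sub-systems (1oo2, assumed)")):
        a0 = availability(n, k, base)
        lam_max = max_software_failure_rate(n, k, base, target)
        print(f"{label}: A = {a0:.8f} with fault-free software; "
              f"max lam_sw for A >= {target}: {lam_max:.3e} 1/h (MTBF {1 / lam_max:.0f} h)")
```

The script deliberately drops states that cannot be reached with the given rates (for example the restarting states when both restart-triggering rates are zero), so the linear system stays non-singular in the degenerate cases a practitioner uses for sanity checks: with no temporary faults and perfect software the result collapses to the textbook birth-death repair model, and with no permanent failures it collapses to independent two-state channels, i.e. a binomial distribution of the number of channels up. Because the software parameter enters only through the per-channel restart rate, the requirement it returns is the budget left after hardware failures and temporary faults have consumed their share of the target unavailability, which is exactly why the hardware configuration and maintenance strategy must be fixed before a software failure-rate requirement can be stated.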