Automation of Quantitative Requirements Determination to Software Reliability of Safety Critical NPP I&C Systems

B. Volochiy, O. Mulyak, L. Ozirkovskyi, V. Kharchenko
DOI: 10.1109/SMRLO.2016.62 (https://doi.org/10.1109/SMRLO.2016.62)
Published in: 2016 Second International Symposium on Stochastic Models in Reliability Engineering, Life Science and Operations Management (SMRLO)
Publication date: 2016-02-15
Publication type: Journal Article
Citations: 7

Abstract

Providing a high availability level for the Instrumentation and Control (I&C) systems in Nuclear Power Plants (NPP) is highly important. The availability of critical NPP I&C systems depends on the reliability behavior of both hardware and software. High availability of I&C systems is ensured by the following measures: structural redundancy through the choice of I&C system configuration (two comparable sub-systems in the I&C system, majority voting "2oo3", "2oo4", etc.), maintenance of the I&C system, which implies the repair (replacement) of non-operational modules, the use of N-version programming, software updates, and automatic software restart after temporary interrupts caused by hardware faults. This paper proposes a solution for the following case: the configuration of the fault-tolerant I&C system with known hardware reliability indexes (failure rate and temporary failure rate) is chosen, and the hardware maintenance strategy (mean time to repair, number of repairs) is specified. Under these circumstances it is important to determine quantitative requirements for software reliability: the number of software updates during I&C system operation, the acceptable duration of new software version development, the acceptable duration of the automatic software restart, and the acceptable failure rate for each software version. The values of these operational software parameters are determined for the specified availability level of the I&C system. The planned number of software updates determines the duration of testing needed to identify and correct design faults. The duration of software testing is limited to the moment when the prediction model shows a specified number of hidden (undetected) design faults. To solve this problem, the availability model of the fault-tolerant I&C system was developed in the form of a discrete-continuous stochastic system. We have estimated the influence of the I&C system configuration on the operational software parameters.
Two configurations of I&C systems are presented in this paper: two comparable sub-systems in the I&C system, and an I&C system with majority voting "2oo3".