ML20091M797
| ML20091M797 | |
| Person / Time | |
|---|---|
| Site: | Oyster Creek |
| Issue date: | 06/06/1984 |
| From: | Fiedler P GENERAL PUBLIC UTILITIES CORP. |
| To: | Eisenhut D Office of Nuclear Reactor Regulation |
| References | |
| RTR-NUREG-0737, RTR-NUREG-737 NUDOCS 8406120111 | |
| Download: ML20091M797 (15) | |
Text
GPU Nuclear Corporation
- Nuclear
- ==:r388 Forked River, New Jersey 08731-0388 609 971-4000 Wnter's Direct Dial Number:
June 6, 1984 Mr. Darrell G. Eisenhut, Director Division of Licensing U.S. Nuclear Regulatory Commission Washington, DC 20555
Dear Mr. Eisenhut:
Subject:
Oyster Creek Nuclear Generating Station Docket No. 50-219 Supplement 1 to NUREG-0737 SPDS Implementation Plan
Reference:
Letter dated April 15, 1983, P.B. Fiedler to D.G. Eisenhut Our submittal fulfilling the original response requirements of Supplement 1 to NUREG 0737 (Emergency Response Capabilities) was forwarded to you by the referenced letter. Tnat submittal included a commitmer', to have a Safety Parameter Display System (SPDS) Safety Analysis / Parameter Selection Study and an SPDS Implementation Plan submitted. 'Ibe Safety Analysis was forwarded to you on April 2, 1984. This letter forwards to you the Implementation Plan which includes the Verification and Validation Plan for Oyster Creek's SPDS.
Should you have any questions about this plan, please contact me or Mr.
Drew Holland of my staff at (609)971-4643.
Very truly yours, P{te m
V Fiedler Vice President and Director Oyster Creek PBF:RJ: dam Attachment cc: Mr. J. Ixxnbardo, Project Manager U.S. Nuclear Regulatory Commission 7920 Norfolk Avenue Bethesda, MD 20014 NRC Resident Inspector Oyster Creek Nuclear Generating Station Forked River, IU 08731 8406120111 840606 PDR ADOCK 05000219 F
PDR GPU Nuclear Corporation is a subsidiary of the General Public Utilities Corporation i1
ATTACHMENT SPDS IMPl.EMENTATION PLAN A)
Current Status of SPDS The SPDS is being designed as a subset of the Plant Computer System (PCS). The schedule of the PCS installation is shown on the PCS/SPDS implementation plan shown in Table 1.
A formal Safety Analysis / Parameter Selection Study has recently been completed where a minimum SPDS parameter set has been identified. A large portion of the instruments required for the selected parameters are being installed at present as part of the plant computer schedule. Work will be started shortly on the User Guidelines and display design.
It is opected that SPDS specifications and system requirements will be documented October 1984. During 1985, it is expected that hardware procurement and software coding and testing will be completed followed by system integration which is expected to be completed during the 1985/1986 outage.
If during this process different parameters become necessary for SPDS requirements, such parameters will be installed during this outage.
B)
SPDS Verification and Validation (V&V) Program The Oyster Creek SPDS V&V plan is detailed in the attached document.
This program runs parallel to the SPDS implementation plan. A complete system requirements review will be carried out once the specification / system requirements documents are done.
This will be followed by hardware / software design reviews. The methods and techniques used for the V&V effort are the same as those used for the plant computer software / hardware program. At the end of this verification effort, a validation test plan is formulated such that this test will be carried out during 1985/1986 outage. A detailed description of the V&V program is enclosed.
C)
Operator Training Towards the end of 1985/1986 outage, and when the plant computer becomes operational, user training will start. The training will involve general computer use followed by SPDS specific training programs.
It is expected that by the end of 1986, a basic SPDS will be operational.
OYSTER CREEK SPDS IMPLEMECTATION PLAN 1984 1985 198t J-F M-A M-J J-A 5-0 h-D J-F M-A M-J J-A
' 5-0 h-0 J-F M-A
~M-J J-A 5-0 h-D Computer Deliver PCS Hardware to vender (555)
Basic PCS Software Develop.
and System Integration Deliver to Site / Install /
Accept. Test Basic PCS Operational Input Signals Phase I: Installation
- Phase !!: Design Insta11atien*
SPDS 3iTety Analysis User Guidelines (Preliminary / Final)
Display Design System Requirements Documents Hardware Specs & Procurement Software Design. Coding and Test
- System Integration *
=
SPDS VEV Program-VLV Plan System Requirements Review Hardware Design Review Sof tware Design Review V311dation Test Plan
}
Validation Test Operator Training Computer Use SPDS Use
- Outage Dependent: Will require Prese it 19h. Outa ge Sc ted ulec 1986
')u t a ge adjustment if the outage schedules shown here are changed.
p.,
S t
VERIFICATION AND VALIDATION PLAN FOR OYSTER CREEK SAFETY PARAMETER DISPLAY SYSTEM (SPDS)
r--
TABLE OF CONTENTS i
1.0 INTRODUCTI0fl AND SCOPE 2.0 OVERVIEW 0F V&V ACTIVITIES AND DOCUMENTATION REQUIREMENTS 3.0 SYSTEM REQUIREMENTS REVIEW ACTIVITIES 4.0 HARDWARE CONFIGURATION DESIGN REVIEW ACTIVITIES 5.0 SOFTWARE DESIGN REVIEW ACTIVITIES 6.0 VALIDATION TEST PLANNING AND PERFORMANCE ACTIVITIES 7.0 FIELD VERIFICATION TEST ACTIVITIES
8.0 REFERENCES
8
.O 1.0.. INTRODUCTION AND SCOPE The verification and validation (V&V) plan described herein will be applied to the Safety Parameter Display System (SPDS) for the Oyster Creek Nuclear Generating Station, which is owned and operated by GPU NuclearCorporation(GPUNC).
The purpose of the SPDS V&V program is to assure that the SPDS as installed satisfies its functional requirements in accordance with all applicable staadards and regulations. The scope of the SPDS V&V program includes and is limited to the computer hardware and software that constitute the SPDS. The SPDS will be implemented on the Oyster Creek plant computer system (PCS) presently under procurement from Scientific System Services. A separate V&V program for the PCS is being implemented by Scientific System Services. The scope of the SPDS V&V program does not include PCS hardware and software covered by the PCS V&V program.
~
' 2.0 OVERVIEW 0F V&V ACTIVITIES AND DOCUMENTATION REQUIREMENTS Figure 1 diagrams all the V&V related activities for the OC SPDS program. The five main V&V activities as illustrated in Figure 1 are:
o System Requirements Review; o
Hardware Configuration Design Review; o
Software Design Review; o
Validation Test Planning and Performance; and o
Field Verification Testing The intent of the verification / review activities is to provide a comprehensive evaluation of the system requirements to determine that the right problem is being solved; and to provide a phase-by-phase check to determine that each phase is a consistent, complete and correct translation of the previous phase. The intent of the validation activities is to test and evaluate the integrated hardware and software system to determine compliance with the system requirements.
The people who perform the V&V activities of Figure 1 will not participate in the SPDS design or implementation.
m._
--. v
SV5MW N
DIERAENT 4
I I
NTE svSTEM E
[
N REQUmE NTS MATRIX (RTM) l I
l SOFTWARE AN des ms=
.T CONFIGU.RA ION m xE0uaE I
I I
COWIGURA 10N TEST PLAN h
M fyy*
REVIE ANO RTW N
UPDATE CODE. BUILO ANO HARDWARE TEST SOFTWARE PROCUREMENT MODULES 00CudENTS RECEIVE.
IN5PECT.
INSTALL AND TEST HARDWARE INTEGRATION AND TESTING l
T Svutotmev VALCATION TEST l
PeoJect ACTtytTV i
FIELO INSTALLATION j
r AND TEST
(
vav Activity l
FIELO vtwum TEST I
i~
vALeATm fEPORT l
l FIGURE 1: FIN DIAGRAM OF OC SPDS V&V RELATED ACTIVITIES i
The V&V documentation provides formal evidence that the system has been verified and validated. Table 1 lists the documentation that will be produced by the SPDS V&V program. Seven major reports in addition to the V&V plan documented here will be produced during the program. The documentation will provide an audit trail in that non-associated personnel will be able to reconstruct the program activities and the results of those activities from the documentation.
In general the results of each major V&V task of Figure 1 are documented in a separate report _in accordance with Table 1.
. nW.
- Verification and Validation Plan The initial document System Requirements Review Report Requirements Traceability Matrix (RTM)
The cross referencing document for the entire SPDS V&V program Hardware Configuration Design Review Report Software Design Review Report Validation' Test Plan and Report Field Verification Test Plan and Report SPOS V&V Program Final Report Summary of all previous activities with conclusions.
Closure of all open items.. The
" Validation Report" of Figure 1.
i e
.. $ ?
w -
.r-3.0 SYSTEM REQUIREMENTS REVIEW ACTIVITIES The system requirements are the foundation on which the completed system
.is designed, built and accepted. The principal goal of the system requirements review is to independently determine if fulfilling the system requirements will result in an effective, functional SPDS that is in compliance with all the applicable standards and regulations.
The design basis for both the hardware configuration and software design shall be examined in the system requirements review. The major objective shall be to determine whether the system requirements are consistent with the system purpose, correct, complete, understandable, feasible, testable, and traceable.
A key system requirements review activity will be the creation of a Requirements Traceability Matrix (RTM). The RTM for the SPDS will list every functional, performance and project requirement for the program in a tabular format. Each item in the RTM will be cross-referenced to the paragraphs in each of the other major program documents. Figure 2 illustrates one page from the RTM for the Oyster Creek plant computer system. A similar format will be used for the Oyster Creek SPDS.
I acautuntnis wralr. ctwat rustic ur airr auctras conronation taruni I
l l rec n icat i sysrta srsita l l
l l
l l
l Iseccificarianslntquiunturlancnitterunel l
l l
l l
- scrionn ano etaronmact i 13c2-Or-002 Isercifla riang oocarnt l l
l I;
l l Ittal u0usuntnis latv i 06/ w s31302163-Otoos 1302163 4e00al I
i 1
l I
l l
l l
l l
Il l
,2I i'. *...
I I
I I
I I
I g.'*...".'.....".."..'".."..'"..".'..l l
l l
l l
l l
l==
==l l
l 1
l l
l l
l l
1.
ortmarins srsita sorrm as.. l l
l l
l l
l l
[l l=a
- l l
l l
l l
l l
, l l.................................l l
l l
l 1[
l l
rl g.................................l l
l l
l l
3 l
l l
l l
l l
j ll l'r l Operating system software ullt be l i
5.2 l 15.1 l
l l
l ll l
i l
lanesecutive-typestandard l
l l
l l
l loperatingsystemwiththe l
l l
l l
l l'
l l
l following capabilities:
l l
l l
l l
l l
! a.
Activate tasks l
l 10.2.3 l
l l
l l
l b.
suspend tasks l
l 15.I.1 l
l l
l l
l ll lc. Resume tasks l
l 15.1.1 l
l l
l l
l ld. Delete tasks l
l 10.2.3 l
l l
l l
l l
le. Walt l
l 15.1.1 l
l l
l l
l l
lf. Enable Interrupts l
l 15.1.1 l
l l
l l
l f
l g.
Initiate laterrupts l
l 15.1.1 l
l l
l l
l l
l h.
Olsable interrupts l
l 15.1.1 l
l l
l l
l l
ll. schedule programs via l
l 10.1 l
ll l
l l
time-of-day or periodic l
l l
l l
l l j. control transfers between l
l 15.1.1 l
ll l
l; y
,1 l
main and availlary sumery l
l ll ll l
l M
ll l k.
Provide calendar functions l1.3.1 l
l 5
l l1. utillie all n/W features 15.l.2 l
I.
- l l
m.
nost recently released 0/s l
15.1.1 ll l
l (minimally nu tv G.2 or l
l l
sa 5
l nrI 3.2 version) l ll l
l l
l n.
Provide I/O services for 10.4 l
l l
i I
all devices l
l j
l g
ll l
l 1
l l
l l
l l
ls 302163-3200c/02204/31558/0le2a l
FIGURE 2:
SAMPLE PAGE FROM OYSTER CREEK PCS REQUIREMENTS TRACEABILITY MATRIX (RTM) w
~
4.0- HARDWARE CONFIGURATION DESIGN REVIEW ACTIVITIES The hardware configuration design review will trace the design to the system requirements. The review will also ensure that the design documents'are complete, detailed and unambiguous.
The RTM shall be updated as part of the review, i.e. columns shall be added to Figure 2 as necessary to cover the design configuration documents and the tabulated items shall be cross-referenced to paragraphs in the documents.
h,
.?
3
.f.
r D
i b
b
4 5.0 SOFTWARE DESIGN REVIEW ACTIVITIES
.[
The software design review shall be conducted on the entire SPDS software
' system, and trace the design to the system requirements. Criteria that shall be used for the software design review will include completeness, consistency and testability.
The software design review activity shall assure that the software design documentation is complete, understandable, and unambiguous. Furthermore, the-verification activity shall assure that the design documentation describes the relationship of SPDS functions with the other plant computer functions.
The RTM shall be updated as part of the review, i.e. columns shall be added to Figure 2 as necessary to cover the software design documents, and the tabulated items shall be cross-referenced to paragraphs in the documents.
4 t
9
~
~
se
6.0 VALIDATION TEST PLANNING AND PERFORMANCE ACTIVITIES 6.1 General i
The validation-tests are intended to confirm by demonstration that i
the SPDS hardware and software meet the system requirements. The I
tests are initially planned based on the system requirements, but may be modified based on the results of the hardware and software design reviews.
6.2 Test Plan The test plan shall establish the detailed requirements for testing i
the hardware and software functionality of the overall system. The test plan shall fulfill all the testing requirements specified in the SPDS system requirements document. Furthermore, it shall incorporate the results of the hardware configuration and software design specification reviews. Specific test plan items shall be cross-referenced in the RTM to the system requirements that they address.
a w
a
R The test plan shall include startup, shutdown, initiation, display selection, data archive, and test feature tests as applicable in addition to the operational tests. The degree of isolation between l
SPDS operation and other functions that are performed on the same computer system shall be demonstrated by tests described in the test plan.
The test plan shall include all the forms that will be completed during the tests.
6.3 Validation Test The validation test shall demor. strate the proper performance of each function and the fulfillment of the design requirements for the The validation te't shall implement the overall system.
s requirements-of the test plan and shall be witnessed by the Project Manager and V&V personnel. All successes and problems identified during the tests shall be documented during the test program.
L f
e-
7.0 FIELD VERIFICATION TEST ACTIVITIES The purpose of the field verification test is to verify that the validated system is properly installed. Since the plant computer system (PCS) will have been installed previously and since there will be no movement of the SPDS hardware or software following the completion of the validation tests, the field verification will be concerned with those aspects of " going live" that were not present during the validation test.
In particular, it will be necessary to check input signal levels, and it may be appropriate to monitor the on-line performance for some reasonable period of time immediately after going live.
e 4
h r
w
.u a- --%
m m m
.m m.2..
.o J
L-.
m m.
-______;._____-.m_a.
~*.
4
8.0 REFERENCES
The following references are some of the applicable standards and regulations for the SPDS.
1 1.
Verification and Validation for Safety Parameter Display Systems.
NSAC/39. December 1982.
2.
Human Factors Review Guidelines for the Safety Parameter Display System. NUREG-0835 (Draft).
June 1982.
3.
Guidelines for Control Room Design Review. NUREG-0700.
September 1981.
4.
Supplement.1 to NUREG-0737 - Requirements for Emergency Response Capability (Generic Letter No. 82-33). December 1982.
5.
Functional Criteria for Emergency Response Facilities - Final Report. NUREG-0696. February 1981.
[
U
..