ML20184A012
ML20184A012 | |
Person / Time | |
---|---|
Issue date: | 07/02/2020 |
From: | Ngola Otto Licensing Processes Branch |
To: | |
Otto N, NRR/DORL/LLPB, 415-6695 | |
References | |
Download: ML20184A012 (3) | |
Text
Basis for Augmented Observation Checklist The purpose of this document is to establish a basis for an augmented observation of a certifying body (CB). The table in this document is based on Table 4.2 in NEI 17-06 that duplicates the information from EPRI TR 106439 Table 4-1 in its first three columns for identifying and assessing dependability critical characteristics (CCs). Column 4 in in this table and NEI 17-06 Table 4.2 demonstrates how the SIL certification process evaluates these same dependability CCs. The table in this document includes a fifth column to propose questions that will form a basis for a checklist for an augmented observation of the certifying body (CB). These same basis questions address the needed compensatory measure identified in the document Comparison of an ISO 17065 Accreditation to a Commercial Grade Survey.
Note that Reference 8 in this table refers to the EPRI report 3002011817, Safety Integrity Level (SIL) Certification Efficacy for Nuclear Power, Electric Power Research Institute, July 2019.
EPRI TR-106439 EPRI TR-106439 EPRI TR-106439 SIL Certification Process Augmented Checklist (Questions?)
CCs for Acceptance Acceptance Criteria Methods of Verification Method of Verification Dependability Criteria for reliability, availability and Reliability: Review vendor reliability Reliability Reliability and maintainability should be derived from calculation/testing methods and Numerical criteria are established by Is there evidence of evaluation of maintainability the requirements of the intended results. Review operating history data. IEC 61508 in terms of PFH and PFDavg. reliability in an approved method in related to the application(s). Specific criteria may be Review and assess design. Perform See p3-7 through p3-13 of Reference 8 IEC 61508?
required established such as numerical criteria reliability analysis. (Method 2) for details.
functionality for reliability or availability of required Is the reliability criteria appropriate functions, or maintainability criteria Review of vendor processes and for the application of the product?
including software. If numerical documentation (Method 2 or 3):
criteria are used, the method of
- Design, development and demonstration should be specified verification processes (e.g., hardware reliability prediction
- Quality assurance program and Built-in Quality Built-in quality using classical methods, or statistical practices
- The IEC Safety Lifecycle (includes Is the IEC Safety Lifecycle (including including: analysis of failure rate data from field
- V&V program and practices configuration management) as configuration management) conform
- Quality of design experience) detailed in p3-13 through p3-21 of to p3-13 through p3-21 of Reference 8
- Quality of Design reviews --architecture review, Reference 8. [EPRI Report]?
manufacture Basic criterion for built-in quality is code reviews, walkthroughs, use of
- CBs review process including the Does the certification process include
- Failure equivalence to the quality of a device analytical techniques, etc. (Method 2 safety case, see Chapter 4 of a review of the OEM safety case for management developed and applied. under a 10 & CDR **text in quotes added**) Reference 8. the product?
- Compatibility with CFR 50 Appendix B program. Failure analysis, at the system level
- ABs review process, see Chapter 5 human operators, Judgment of equivalent quality is and of the commercial grade item of Reference 8.
maintainers based on a combination of: itself
- Self-diagnostics to detect dangerous Does the certification process review
- Design and design review processes, Comparison of device's failure modes failures and force the equipment to the self-diagnostics to detect including software life cycle, V&V, etc. to needs of the application a safe state. See the discussion of dangerous failures and force the Page 1 of 3
Basis for Augmented Observation Checklist EPRI TR-106439 EPRI TR-106439 EPRI TR-106439 SIL Certification Process Augmented Checklist (Questions?)
CCs for Acceptance Acceptance Criteria Methods of Verification Method of Verification Configuration
- Design documentation the Safe Failure Fraction on p3-5 equipment to a safe state? See the control and
- Configuration management Review of product operating history through p3-6 of Reference 8 for discussion of the Safe Failure Fraction traceability of:
- QA program and practices (from vendor, users, user groups, more details. on p3-5 through p3-6 of Reference 8
- Hardware
- Software requirements definition industry reports, INPO, etc.) (Method
- Defect reporting, see p4-9 of for more details.
- Software and requirements traceability 4): Reference 8.
- Firmware (aspects
- Consideration of failure modes and
- Documented (records, traceable)
- SIL Certification Aging, see p4-20 of Does the certification process evaluate of both hardware ACEs in design and verification
- Sufficient (units, years in service) Reference 8. the defect reporting process in and software
- Qualifications and experience of
- Successful (error tracking shows accordance with p4-9 of Reference 8?
configuration personnel involved in design and good performance and device control) verification activities including software is stable) Review the CBs policy on SIL
- Problem reporting
- Relevant (same or similar certification time limits.
- Product operating history
- Testing by the vendor or dedicator hardware/software configuration, functions used, operated similarly, Does the CB use OE in support of etc.) determining reliability similar to Chapter 6 of Reference 8?
Operating History Minimum criterion for configuration Field failure data informs the reliability Is the OEM configuration control and Configuration control: review vendor determination (PFH or PFDavg), see traceability sufficient to support use of control and traceability is that these configuration management program Chapter 6 of Reference 8 operating history data and to ensure be sufficient to support use of and practices. Examine actual the item delivered can be traced back operating history data and to ensure practices, to the documents reviewed as part of the item delivered can be traced back records. (Method 2 or 3) acceptance?
to the documents reviewed as part of acceptance. Additional criteria may apply if the dedicator wishes to Problem reporting: review vendor procure more of the same item in the procedures and practices. Assess future. performance record with previous customers (Method 2). Enter into contractual agreement. Does the SIL certification process As a minimum, problem reporting review OEMs policy for defect must be sufficient to support use of Assess maintainability of dedication. reporting, see p4-9 of Reference 8?
product operating history and to allow dedicator to carry out 10 CFR 21 responsibilities. Specific criteria should Page 2 of 3
Basis for Augmented Observation Checklist EPRI TR-106439 EPRI TR-106439 EPRI TR-106439 SIL Certification Process Augmented Checklist (Questions?)
CCs for Acceptance Acceptance Criteria Methods of Verification Method of Verification be established (e.g., on coverage, timeliness, reporting to the right organization or department).
Page 3 of 3