Text

-

June 16, 1989 Docket No. STN 50-605 Mr. Patrick W. Harriott, Manager Licensing & Consulting Services GE Nuclear Energy General Electric Company 175.Curtner Avenue l- San Jose, California 95125

Dear Mr. Marriott:

SUBJECT:

VERIFICATION AND VALIDATION PROCESS FOR ABWR SOFTWARE DEVELOPMENT The purpose of this letter is to inform you of the intended staff visit to San Jose to audit the process of verification and validation for the ABWR design software development. Also, it is intended that this meeting develop a mutual understanding between the staff and GE relative to the stoff's review of-the instrumentation and control systems of-the ABWR,'especially those safety systems utilizing computer-based advanced technology.

During a portion of this audit the staff plans to discuss the GE Wide Range Neutron Monitoring System described in NED0-31439. The intent of-this discussion is to acquire information in' order for the staff to complete its review' of your topical report in a timely manner. This can be done in conjunction-with the ABWR discussions or separately at GE's convenience.

. The audit will be conducted by members of the Instrumentation and Control l Systems Branch and their consultants from June 20-22, 1989. A proposed agenda 1

is enclosed for your consideration. The details of this audit have been previously discussed with members of your staff. If you have questions, please contactmeat(301)492-1104.

Sincerely, original signed by Charles L. Miller for 8906260161 890616 5  ? Dino C. Scaletti, Project Manager

l. PDR ADOCK 0500 Standardization and Non-Power A

Reactor Project Directorate Division of Reactor Projects - III, IV, Y and Special Projects Office of Nuclear Reactor Regulation

Enclosure:

As stated cc: See next page y DISTRIBUTION:

1secteq meg JStewart Eliylton - ()fo3 NRCPD0 SNewberry CMiller i PDSNP Reading- EJordan OGC 'O i DScaletti BGrimes 'l 1 JJoyce ACRS(10) cy,e d/ cA PM:PDSNP LP .P D:PDSNP DScaletti on CMiller 06//6 /89 06/jb89 06/p/89-

smm g UN11ED STATES

[' g NUCLEAR REGULATORY COMMISSION ')

j WASHINGTON, D. C.20555 '

June 16, 1989 g, * . . . +. ,/ ]

Docket No. STN 50-605 2

Mr. Patrick W. Marriott, Manager 1 Licensing & Consulting Services l GE puolear Energy i General Electric Company {

175 Curtner Avenue San Jose, California 95125

)

Dear Mr. Marriott:

j i

SUBJECT:

VERIFICATION AND VALIDATION PROCESS FOR ABWR SOFTWARE DEVELOPMENT j i

The purpose of this letter is to. inform you of the intended staff visit to l San Jose to audit the process of verification and validation for the ABWR l design software development. Also, it is intended that this meeting develop a mutual understanding between the staff and GE relative to the staff's review of the instrumentation and control systems.of the ABWR, especially those safety systems utilizing computer-based advanced technology.

1 During a portion of this audit the staff plans to discuss the GE Wide Range-  ;

Neutron Monitoring System described in NED0-31439. The intent'of this' l discussion is to acquire information in order.for the staff to complete its review of your topical report in a timely manner. This can be done in conjunction with the ABWR discussions or separately at GE's convenience. >

l The audit will be conducted by members of the Instrumentation and Control

, Systems Branch and their consultants from June 20-22, 1989. A )roposed agenda is enclosed for your consideration. The details of this audit lave been previously discussed kith' members of your staff. If you have questions, please contactmeat(301)492-1104.

Sincerely, kd,f A L$b-Dino C. Scaletti, Project Manager Standardization and Non-Power Reactor Project Directorate Division of Reactor Projects - III, IV, V and Special Projects Office of Nuclear Reactor Regulation

Enclosure:

As stated cc: See next page i

Mr. P. W. Marriott Docket No. STN 50-605 General Electric Company cc: Mr. Robert Mitchell General Electric Company 175 Curtner Avenue San Jose, California 95114 Mr. L. Gifford, Program Manager Regulatory Programs GE Nuclear Energy 12300 Twinbrook Parkway Suite 315 Rockville, Maryland 20852 Director, Criteria & itandards Division Office of Radiation Programs U. S. Environmental Protectice Agency 401 M Street, S.W.

Washington, D.C. 20460 Mr. Daniel F. Giessing Division of Nuclear Regulation and Safety Office of Converter Reactor Deployment, NE-12 Office of Nuclear Energy Washington, D.C. 20545 s

AGENDA June 20, 1989 9:00 ENTRANCE MEETING NRC/GE

- Objectives of visit NRC i

- Categorization of RAls NRC j 9:45 APPLICANT PRESENTATION: ABWR I&C GE

- Briefing on ABWR advanced I&C desigre

- Discussion of ATWS systems design 12:00 LUNCH 1:00- SOFTWARE DESIGN DISCUSSION NRC/GE 4:30 Stewart /Ets Software Development Process

- Software development plan j

- Requirements deriva+ ion & development l

- Software design process j

- Software development methodology

- Software and system testing methodology 1:00- HARDWARE / SYSTEMS DESIGN DISCUSSION NRC/GE 1 4:30 Leivo/ I

- Applicable Topical Reports Eshleman i

- Approach to Independence / Diversity l

- Criteria & Standards Applicable / Considered s

l

l i

June 21, 1989

• i 9:00- SOFTWARE DESIGN DISCUSSION NRC/GE 12:00 Stewart /Ets-Software Development' Process (Cont'd)

V6rification & Validation Process i - Verification plan

- Verification of requirements & design

- Verification of S/W code and testing

- Validation of system

- Independence of V&V

-SoftwareLogic(2/4, triplication) Implementation 9:00- HARDWARE / SYSTEMS DESIGN DISCUSSION NRC/GE 12:00 Leivo/

FMEA Eshleman Reliability Design margins (comparison to current designs)

Dynamic response Trip 11 cation 12:00 LUNCH 1:00- SOFTWARE DESIGN DISCUSSION NRC/GE Verification & Validation Process (Cont'd)

Support Processes

- Configuration management

- Quality assurance

- Virus Prevention 1:00- HARDWARE / SYSTEMS DESIGN DISCUSSION NRC/GE 4:30 -

Leivo/

Electromagnetic Comparability (EMC) Eshleman i

- Ekl coupling I

Criteria, specifications, testing

- EMC Qualification Criteria, specifications, verification SurgeWithstandCapability(SWC)

Criteria, specifications, testing ElectrostaticDischarge(ESD)

Criteria, specifications, testing b

i Thermal Qualification / Heat Rise /!

/

" Mild" Environment Ef fects (temp. , R.H., radiation) /

System Burn-In Testing

June 22, 1989 9:00- WIDE RANGE NEUTRON MONITOR NRC/GE 12:00 Note: The staff if currently reviewing the topical and is aware that many if not all of these topics have been covered.

We called on June 14 with specific l questions that we have developed

System Design

Functional / hardware block diagrams Design interfaces Appx R/ alternate shutdown applications Design Basis RG 1.152 conformance Design criteria / standards Digital vs analog trade-offs Reliability Software '

Procedures and processes

, PROM controls Independence / isolation .

l failure Modes j FMEA  :

Error / fault detection I Coranon mode failures Software virus EMC/SWC/ESD Program Implementation V&V plan / reports 1 Configuration management Independence of Verifier Trouble reports / failure history Testing System burn-in Software Dynamic testing Power / function interruption and restoration 12:00 LUhCH 1:00- NRC REVIEW / CAUCUS NRC 3:30 3:30 EXIT MEETING

___