ML11319A072: Difference between revisions

(Created page by program invented by StriderTol)
=Text=
{{#Wiki_filter:Invensys Operations Management Triconex Project: PG&E PROCESS PROTECTION SYSTEM REPLACEMENT Purchase Order No.: 3500897372 Project Sales Order: 993754 Non-Proprietary copy per 10CFR2.390. Areas of Invensys Operations Management proprietary information, marked as [P], have been redacted based on 10CFR2.390(a)(4).
Page: 10 of 24
{| class="wikitable"
! Acronym !! Definition
|-
| SIntP || Software Integration Plan
|-
| SRS || Software Requirements Specification
|-
| ST || Structured Text Language
|-
| SVVP || Software Verification and Validation Plan
|-
| TCM || Tricon Communication Module
|-
| TS 1131 || TriStation 1131 Developer's Workbench
|-
| TSAP || TriStation Application Project
|}
Page: 11 of 24
 
===1.4 References===
 
====1.4.1 Industry Documents====
1.4.1.1 ASME/ANSI NQA-1-1994, "Quality Assurance Requirements for Nuclear Facility Applications"
1.4.1.2 IEEE Std 610.12-1990, "IEEE Standard Glossary of Software Engineering Terminology"
1.4.1.3 Regulatory Guide 1.152, Rev. 2, "Criteria For Use Of Computers In Safety Systems Of Nuclear Power Plants"
1.4.1.4 IEEE Std 1012-1998, "Standard for Software Verification and Validation"
1.4.1.5 IEEE Std 730-2002, "Standard for Software Engineering Quality Assurance Plans"
1.4.1.6 IEEE Std 1058-1998, "Standard for Software Project Management Plans"
1.4.1.7 IEEE Std 828-1998, "Standard for Software Configuration Management Plans"
1.4.1.8 IEEE Std 829-1998, "Standard for Software Test Documentation"
1.4.1.9 IEEE Std 1074-2006, "Standard for Developing a Software Project Life Cycle Process"
1.4.1.10 IEEE Std 1028-1988, "IEEE Standard for Software Reviews and Audits"

====1.4.2 PG&E Documents====
1.4.2.1 PG&E 08-0015-SP-001, Functional Requirements Specification (FRS)
1.4.2.2 PG&E Process Protection System (PPS) Replacement Conceptual Design Document
1.4.2.3 PG&E Process Protection System (PPS) Replacement Interface Requirements Specification
1.4.2.4 PG&E Process Protection System (PPS) Functional Block Diagram (FBD) 08-0015-D Series
1.4.2.5 PG&E Process Protection System Controller Transfer Functions Design Input Specification, 10115-J-NPG
1.4.2.6 PG&E Precautions, Limits, and Setpoints for Nuclear Steam Supply Systems (PLS), 663229-47-68
1.4.2.7 PG&E DCPP Functional Logic Diagrams (FLD), 495842, 495845-50, 495853, 495855-57 (11 drawings) FOR INFORMATION ONLY
1.4.2.8 PG&E IDAP CF2.ID9, Software Quality Assurance Plan, Software Development (as applicable)

====1.4.3 NRC Documents====
1.4.3.1 NUREG/CR-6101, "Software Reliability and Safety in Nuclear Reactor Protection Systems"
1.4.3.2 NUREG/CR-6463, "Review Guidelines for Software Language for use in Nuclear Power Plant Systems: Final Report"
1.4.3.3 BTP 7-14, Branch Technical Position 7-14, Standard Review Plan NUREG-0800, "Guidance On Software Reviews For Digital Computer-Based Instrumentation And Control Systems", U.S. Nuclear Regulatory Commission
Page: 16 of 24
==3 Integration Marginal Conditions==
===3.1 Integration and Testing Environment===
This section describes the environment that is used to perform and test at each step of the integration process. The Regulatory Guide 1.152 Conformance Report [Ref. 1.4.4.24] describes the controls to ensure a secure design and operating environment during V10 Tricon Protection Set development and integration activities.
Page: 20 of 24
===3.3 Integration Risks===
A risk analysis is performed and documented in the Safety Analysis 993754-1-915 [Ref. 1.4.4.30], where the risks will be identified and preventive measures will be listed to mitigate the risks. Section 3.3 of NUREG/CR-6101 [Ref. 1.4.3.1] states that risk analysis of Logic, Data, Interface, Constraint, and Timing and Sizing Analysis is to verify that the design correctly and consistently incorporates the system safety requirements and identifies safety-critical software design elements and detects errors that might result in violations of the system safety requirements.
 
===3.4 Other Marginal Conditions===
There are no other marginal conditions.
Page: 21 of 24
==4 Organization of Integration==
===4.1 Integration Network Plan===
The order of the integration steps follows a time sequence, the order of which is determined primarily by the dependencies among the integration steps (other factors can influence this order). Steps at more detailed levels are generally required to be completed successfully before a step at a more general level can be performed.
The integration sequence is shown in Figure 4 Integration Process Sequence below. After the factory acceptance test results are accepted by PG&E (which may require returning to previous project life cycle phases and regression analysis and testing), the final Nuclear IV&V report w
A copy of project personnel qualification and training records will be included in the PPS Replacement Project document file. See the Project Management Plan [Ref. 1.4.4.22] for additional details on project training requirements.
2 An SRS will be developed for each of the four PPS Protection Sets. For simplicity, they will be identified collectively as 993754-1-809 [Ref. 1.4.4.11, 1.4.4.12, 1.4.4.13, and 1.4.4.14].
3 An HRS will be developed for each of the four PPS Protection Sets. For simplicity, they will be identified collectively as 993754-1-807 [Ref. 1.4.4.15, 1.4.4.16, 1.4.4.17, and 1.4.4.18].

Revision as of 08:10, 30 April 2019

993754-1-910(NP), Revision 1, Software Integration Plan (SIntP).
ML11319A072
Person / Time
Site: Diablo Canyon, Pacific Gas & Electric
Issue date: 10/14/2011
From: Carlberg B, Invensys Operations Management, Invensys/Triconex
To: Office of New Reactors
References: 3500897372, 993754-1-910(NP), Rev 1
Download: ML11319A072 (24)


Text


PACIFIC GAS & ELECTRIC COMPANY NUCLEAR SAFETY-RELATED PROCESS PROTECTION SYSTEM REPLACEMENT DIABLO CANYON POWER PLANT SOFTWARE INTEGRATION PLAN (SIntP) Document No. 993754-1-910

(-NP) Revision 1 October 14, 2011

{| class="wikitable"
! Role !! Name !! Title
|-
| Author || Brad Carlberg || Application Engineer
|-
| Reviewer || Hoan Nguyen || V&V Engineer
|-
| Reviewer || Ken Harris || Project Engineer
|-
| Approval || Roman Shaffer || Project Manager
|}

Invensys Operations Management Triconex Document: 993754-1-910 Title: Software Integration Plan Revision: 1 Page: 2 of 24 Date: 10/14/2011

Document Change History
{| class="wikitable"
! Revision !! Date !! Change !! Author
|-
| 0 || 08/17/2011 || Initial issue || Brad Carlberg
|-
| 1 || 10/14/2011 || Revised to remove organizational chart and reference organizational chart in PMP, 993754-1-905 || Brad Carlberg
|}

Page: 3 of 24

Table of Contents
{| class="wikitable"
! Section !! Page
|-
| List of Tables || 4
|-
| List of Figures || 5
|-
| 1 Introduction || 6
|-
| 1.1 Purpose || 6
|-
| 1.2 Scope || 8
|-
| 1.3 Definitions and Acronyms || 8
|-
| 1.3.1 Definitions || 8
|-
| 1.3.2 Acronyms || 8
|-
| 1.4 References || 11
|-
| 1.4.1 Industry Documents || 11
|-
| 1.4.2 PG&E Documents || 11
|-
| 1.4.3 NRC Documents || 11
|-
| 1.4.4 Applicable Internal Documents and References || 12
|-
| 2 Identification of Integration Process || 14
|-
| 2.1 Integration Level || 14
|-
| 2.2 Integration Objects and Strategies || 14
|-
| 3 Integration Marginal Conditions || 16
|-
| 3.1 Integration and Testing Environment || 16
|-
| 3.2 Priorities || 17
|-
| 3.3 Integration Risks || 20
|-
| 3.4 Other Marginal Conditions || 20
|-
| 4 Organization of Integration || 21
|-
| 4.1 Integration Network Plan || 21
|-
| 4.2 Personnel and Responsibilities || 22
|-
| 5 Integration Procedures || 23
|-
| 5.1 Integration Instructions || 23
|-
| 5.2 Required Inputs || 23
|-
| 5.3 Required Products || 24
|-
| 5.4 Special Handling || 24
|}

Page: 4 of 24

List of Tables
{| class="wikitable"
! Table !! Page
|-
| Table 1: Integration Step Tools || 17
|-
| Table 2: Priority-Based List of the Integration Products || 18
|-
| Table 3: Inputs for Integration Steps || 23
|-
| Table 4: Integration Step Outputs || 24
|}

Page: 5 of 24

List of Figures
{| class="wikitable"
! Figure !! Page
|-
| Figure 1 PPS Replacement Design Concept || 7
|-
| Figure 2 System Integration Implementation Process Flow Chart || 15
|-
| Figure 3 Software Verification Process Flow Chart || 19
|-
| Figure 4 Integration Process Sequence || 21
|}


Page: 6 of 24
==1 Introduction==
===1.1 Purpose===
The Software Integration Plan (SIntP) describes the system integration strategy for the Diablo Canyon Power Plant (DCPP) Process Protection System (PPS) Replacement Project. The SIntP describes generally the strategy for integrating the V10 Tricon Protection Set software functions together into a Tricon System Application Program (TSAP), integrating the TSAP with the hardware, and the steps involved in the software integration process. Without a Software Integration Plan it is possible that the integrated system will lack important elements, or that some integration steps will be omitted. The form and content for the SIntP is based on Sections 3.1.7 and 4.1.7 of NUREG/CR-6101 [Ref. 1.4.3.1]. The integration process begins in the Implementation Phase of the project lifecycle in accordance with the Project Procedures Manual when the software functions for the PPS Protection Set are developed using TriStation 1131 (TS 1131) (see Appendix 2 Exhibit 2, Application Software Development, section 2.3 of the Project Procedures Manual (PPM) [Ref. 1.4.4.1]).

The application software is an implementation of the software detailed design documented in the PPS Replacement Project Software Design Descriptions (SDDs)<sup>1</sup> [Ref. 1.4.4.21, 1.4.4.27, 1.4.4.28, and 1.4.4.29], using the latest released version of TS 1131 listed on the Nuclear Qualified Equipment List (NQEL) [Ref. 1.4.4.10]. A Nuclear IV&V Implementation Phase Summary Report shall be prepared to summarize Implementation Phase project activities.

The project Software Development Plan (SDP) [Ref. 1.4.4.21] describes the software development process for the PPS Replacement Project. The PPM contains the set of implementing procedures for the PPS Replacement Project [Reference 1.4.4.1]. Software integration consists of three major steps: 1) integrating the various software programs into a single TS 1131 project file (i.e., PT2 file), 2) integrating the TS 1131 PT2 file with the V10 Tricon hardware, 3) testing the integrated V10 Tricon product. During the first step, standard TS 1131 function blocks are combined to produce Programs that implement the Protection Set protective functions.

These programs implement the software design described in the four Protection Set SDDs [Ref. 1.4.4.21, 1.4.4.27, 1.4.4.28, and 1.4.4.29], which are, ultimately, based upon the functional requirements contained in the customer input documents, including the Conceptual Design Document [Ref. 1.4.2.2], the Functional Requirements Specification [Ref. 1.4.2.1], the Interface Requirements Specification [Ref. 1.4.2.3], and the Functional Block Diagrams [Reference 1.4.2.4].

The individual TS 1131 programs are combined into a Master TSAP project file (PT2 file). Once all the protection functions have been implemented in accordance with the SDDs, a Software Development Checklist is generated and the TSAP issued

1 A SDD will be developed for each of the four PPS Protection Sets. For simplicity, they will be identified collectively as 993754-1-810 [Ref. 1.4.4.21, 1.4.4.27, 1.4.4.28, and 1.4.4.29]. See the Project Management Plan [Ref. 1.4.4.22] for additional details on the project document numbering scheme.


Page: 7 of 24
to Nuclear IV&V for formal review and software verification testing. At this point, the software is placed under formal configuration control, as explained in the project Software Configuration Management Plan [Ref. 1.4.4.23].

The second step involves staging the system in a secure area and loading the TSAP (PT2 file). The V10 Tricon equipment, materials, parts, and components are staged in a secure location that can accommodate system integration construction, assembly, inspection, and testing activities, as explained in the Regulatory Guide 1.152 Conformance Report [Ref. 1.4.4.24].

All items listed on a project bill of material will be staged and adequately protected to prevent loss or damage. Only authorized personnel will be allowed access to the staged system. System assembly and initial power-on testing is performed in accordance with the PPM. After initial checkout, the staged V10 Tricon Protection Set equipment is formally turned over to Nuclear IV&V in preparation for Test Phase system validation testing.

The final step consists of validation testing of the staged system comprising the V10 Tricon Protection Set hardware and TSAP. The testing activities are defined in the project Hardware Validation Test (HVT) [Ref. 1.4.4.33] and Factory Acceptance Test (FAT) [Ref. 1.4.4.34] procedures.

The validation testing is the responsibility of the Nuclear Independent Verification & Validation (IV&V) staff, including configuration control of the staged equipment, test tools, and test documentation, until completion of validation testing.

Figure 1 PPS Replacement Design Concept


1.2 Scope
This Software Integration Plan applies only to the software programs associated with the V10 Tricon portions of the PPS, shown in Figure 1 PPS Replacement Design Concept.

1.3 Definitions and Acronyms

1.3.1 Definitions

Configuration: "The arrangement of a computer system or component as defined by the number, nature, and interconnections of its constituent parts." (as per reference 1.4.4.6). Note: it is interpreted that a "component" in the context of this definition includes the library functions and function blocks included with the TriStation 1131 Program Developer's software.

Function: A function is a logic element which yields exactly one result. Unlike a function block, the data associated with a function is not retained from one evaluation of the function to the next. Functions do not have to be instanced.

Function Block: A function block is a logic element which yields one or more results. To use a function block in a program, an instance of the function block must first be declared. Each instance is identified by a user-defined instance name. All of the data associated with a specific instance of a function block is retained from one evaluation of the function block to the next.

Network: The individual subdivisions of a Tricon Program written using Function Block Diagram logic.

Programs: Within the Tricon Project file, the collection of user-defined logic structures which define the logic executed by the controller.

Project: The overall configuration file which defines the operation of a Tricon controller.

Structured Text Language: A general-purpose, high-level programming language, similar to PASCAL or C. Structured Text is particularly useful for complex arithmetic calculations, and can be used to implement complicated procedures that are not easily expressed in graphical languages.

1.3.2 Acronyms

ALS Advanced Logic System (Westinghouse)
ANSI American National Standards Institute
ASME American Society of Mechanical Engineers
BTP Branch Technical Position
CD-ROM Compact Disk-Read Only Memory
CDD Conceptual Design Document
CFR Code of Federal Regulations
CM Configuration Management
DCPP Diablo Canyon Power Plant
FAT Factory Acceptance Test
FB Function Block
FBD Functional Block Diagram
FLD Functional Logic Diagram
FRS Functional Requirements Specification
HRS Hardware Requirements Specification
HSI Human System Interface
HVT Hardware Validation Test
I/O Input/Output
IEC International Electrotechnical Commission
IEEE Institute of Electrical and Electronics Engineers
IRS Interface Requirements Specification
IV&V Independent Verification & Validation
LD Logic Diagram
MP Main Processor
ND Nuclear Delivery
NI Nuclear Integration
NQEL Nuclear Qualified Equipment List
NRC Nuclear Regulatory Commission
NSIPM Nuclear System Integration Program Manual
PC Personal Computer
PE Project Engineer
PG&E Pacific Gas & Electric Company
PLS Precautions, Limitations, and Setpoints (document)
PM Project Manager
PPS Process Protection System
PPM Project Procedures Manual
PQAE Project Quality Assurance Engineer
PQAM Project Quality Assurance Manager
PQP Project Quality Plan
PRC Project Review Committee
PT2 TriStation project file
PTM Project Traceability Matrix
QA Quality Assurance
QC Quality Control
RG Regulatory Guide
SDC Software Development Checklist
SDD Software Design Description
SDP Software Development Plan
SIDR System Integration Discrepancy Report
SIntP Software Integration Plan
SRS Software Requirements Specification
ST Structured Text Language
SVVP Software Verification and Validation Plan
TCM Tricon Communication Module
TS1131 TriStation 1131 Developer's Workbench
TSAP TriStation Application Project
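The Function versus Function Block distinction in the Definitions of 1.3.1 is the one that matters when reviewing a TSAP: a function's output depends only on its current inputs, while a function block instance carries data across controller scans, so two instances of the same block can behave differently and must be reviewed by instance name. The following Python model is an added illustration of those semantics; it is not TriStation 1131 library code or part of the plan, and the high-limit comparator, the on-delay trip block, the setpoint and the per-scan sample values are all constructed for the example.

```python
"""Added illustration of the IEC 61131-3 terms defined in section 1.3.1:
a Function is stateless and yields one result; a Function Block must be
instanced and retains its data from one scan to the next.  Hypothetical
logic, not TriStation 1131 library code."""
from dataclasses import dataclass


def hi_limit(value: float, setpoint: float) -> bool:
    """Function: exactly one result, nothing retained between evaluations,
    so it never needs an instance name."""
    return value > setpoint


@dataclass
class OnDelayTrip:
    """Function Block: each declared instance keeps its own counter, so a
    demand must persist for `delay_scans` consecutive scans before the
    trip output Q asserts (filters a single-scan transient)."""
    delay_scans: int
    count: int = 0      # retained data: consecutive scans with demand
    q: bool = False     # retained output

    def evaluate(self, demand: bool) -> bool:
        """One evaluation per controller scan."""
        self.count = min(self.count + 1, self.delay_scans) if demand else 0
        self.q = self.count >= self.delay_scans
        return self.q


def run_scans(samples, setpoint: float, delay_scans: int) -> list:
    """Model of the controller scan loop: on every scan the function is
    re-evaluated from its inputs alone, while the block instance carries
    its state forward.  Returns the trip output Q for each scan."""
    trip_a = OnDelayTrip(delay_scans)          # instance declared once
    return [trip_a.evaluate(hi_limit(v, setpoint)) for v in samples]


def instances_are_independent(delay_scans: int = 2) -> bool:
    """Two instances of the same block do not share data: driving only
    one of them leaves the other's counter and output untouched."""
    a, b = OnDelayTrip(delay_scans), OnDelayTrip(delay_scans)
    for _ in range(delay_scans):
        a.evaluate(True)
        b.evaluate(False)
    return a.q is True and b.q is False and b.count == 0


# Constructed sample input: one process value (engineering units) per scan.
SETPOINT = 100.0
SAMPLES = [90.0, 105.0, 110.0, 95.0, 120.0, 125.0, 130.0, 80.0]

if __name__ == "__main__":
    print(run_scans(SAMPLES, SETPOINT, delay_scans=3))
    print(instances_are_independent())
```

With a three-scan delay the two-scan excursion at 105/110 does not trip but the three-scan excursion at 120/125/130 does; with a one-scan delay the block degenerates to the stateless comparator. That difference is exactly the retained data the definition refers to, and it is why the plan's SDD-to-TSAP review has to account for each function block instance separately.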


1.4 References

1.4.1 Industry Documents
1.4.1.1 ASME/ANSI NQA-1-1994, "Quality Assurance Requirements for Nuclear Facility Applications"
1.4.1.2 IEEE Std 610.12-1990, "IEEE Standard Glossary of Software Engineering Terminology"
1.4.1.3 Regulatory Guide 1.152, Rev. 2, "Criteria for Use of Computers in Safety Systems of Nuclear Power Plants"
1.4.1.4 IEEE Std 1012-1998, "Standard for Software Verification and Validation"
1.4.1.5 IEEE Std 730-2002, "Standard for Software Engineering Quality Assurance Plans"
1.4.1.6 IEEE Std 1058-1998, "Standard for Software Project Management Plans"
1.4.1.7 IEEE Std 828-1998, "Standard for Software Configuration Management Plans"
1.4.1.8 IEEE Std 829-1998, "Standard for Software Test Documentation"
1.4.1.9 IEEE Std 1074-2006, "Standard for Developing a Software Project Life Cycle Process"
1.4.1.10 IEEE Std 1028-1988, "IEEE Standard for Software Reviews and Audits"

1.4.2 PG&E Documents
1.4.2.1 PG&E 08-0015-SP-001, Functional Requirements Specification (FRS)
1.4.2.2 PG&E Process Protection System (PPS) Replacement Conceptual Design Document
1.4.2.3 PG&E Process Protection System (PPS) Replacement Interface Requirements Specification
1.4.2.4 PG&E Process Protection System (PPS) Functional Block Diagram (FBD), 08-0015-D Series
1.4.2.5 PG&E Process Protection System Controller Transfer Functions Design Input Specification, 10115-J-NPG
1.4.2.6 PG&E Precautions, Limits, and Setpoints for Nuclear Steam Supply Systems (PLS), 663229-47-68
1.4.2.7 PG&E DCPP Functional Logic Diagrams (FLD), 495842, 495845-50, 495853, 495855-57 (11 drawings), FOR INFORMATION ONLY
1.4.2.8 PG&E IDAP CF2.ID9, Software Quality Assurance Plan, Software Development (as applicable)

1.4.3 NRC Documents
1.4.3.1 NUREG/CR-6101, "Software Reliability and Safety in Nuclear Reactor Protection Systems"
1.4.3.2 NUREG/CR-6463, "Review Guidelines for Software Language for Use in Nuclear Power Plant Systems: Final Report"
1.4.3.3 BTP 7-14, Branch Technical Position 7-14, Standard Review Plan NUREG-0800, "Guidance on Software Reviews for Digital Computer-Based Instrumentation and Control Systems", U.S. Nuclear Regulatory Commission
1.4.3.4 US NRC Regulatory Guide 1.152, Rev. 2, "Criteria for Use of Computers in Safety Systems of Nuclear Power Plants"
1.4.3.5 US NRC Regulatory Guide 1.168, "Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants"
1.4.3.6 US NRC Regulatory Guide 1.169, "Configuration Management Plans for Digital Computer Software Used in Safety Systems of Nuclear Power Plants"
1.4.3.7 US NRC Regulatory Guide 1.170, "Software Test Documentation for Digital Computer Software Used in Safety Systems of Nuclear Power Plants"
1.4.3.8 US NRC Regulatory Guide 1.173, "Developing Software Life Cycle Processes for Digital Computer Software Used in Safety Systems of Nuclear Power Plants"

1.4.4 Applicable Internal Documents and References
1.4.4.1 Project Procedures Manual (PPM)
1.4.4.2 PPM 8.0, System Integration Implementation
1.4.4.3 NTX-SER-09-21, Rev. 1, Nuclear System Integration Program Manual
1.4.4.4 9791007-018, Technical Product Guide for Tricon v10 Systems, September 2009
1.4.4.5 9720097-007, Safety Considerations Guide for Tricon v9-v10 Systems, September 2009
1.4.4.6 9700100-012, Developer's Guide, TriStation 1131 Version 4.9.0, May 2011
1.4.4.7 9720098-009, Libraries Reference, TriStation 1131, April 2010
1.4.4.8 9720077-013, Planning and Installation Guide for Tricon v9-v10 Systems, September 2009
1.4.4.9 9600164-545, Application Guide (Appendix B to Qualification Summary Report, Tricon v10)
1.4.4.10 9100150-001, Tricon v10 Nuclear Qualified Equipment List (Tricon v10 NQEL)
1.4.4.11 993754-11-809, Software Requirements Specification (SRS), Protection Set I
1.4.4.12 993754-12-809, SRS, Protection Set II
1.4.4.13 993754-13-809, SRS, Protection Set III
1.4.4.14 993754-14-809, SRS, Protection Set IV
1.4.4.15 993754-11-807, Hardware Requirements Specification (HRS), Protection Set I
1.4.4.16 993754-12-807, HRS, Protection Set II
1.4.4.17 993754-13-807, HRS, Protection Set III
1.4.4.18 993754-14-807, HRS, Protection Set IV
1.4.4.19 993754-11-802, Software Verification and Validation Plan (SVVP)
1.4.4.20 993754-11-902, Hardware Validation Test Procedure (HVTP)
1.4.4.21 993754-1-906, Software Development Plan (SDP)
1.4.4.22 993754-1-905, Project Management Plan (PMP)
1.4.4.23 993754-1-899, Software Configuration Management Plan (SCMP)
1.4.4.24 993754-1-913, Regulatory Guide 1.152 Conformance Report
1.4.4.25 993754-1-907, DCPP PPS Replacement Coding Guidelines
1.4.4.26 993754-11-810, Software Design Description (SDD), Protection Set I
1.4.4.27 993754-12-810, SDD, Protection Set II
1.4.4.28 993754-13-810, SDD, Protection Set III
1.4.4.29 993754-14-810, SDD, Protection Set IV
1.4.4.30 993754-1-911, Software Safety Plan (SSP)
1.4.4.31 993754-1-868, Software Verification Test Plan
1.4.4.32 993754-1-813, Validation Test Plan
1.4.4.33 993754-1-902-0, Hardware Validation Test (HVT)
1.4.4.34 993754-1-902-1, Factory Acceptance Test (FAT)


2 Identification of Integration Process

2.1 Integration Level
This Software Integration Plan (SIntP) specifies levels of integration consistent with the Software Requirements Specification (SRS) and Software Design Description (SDD), and also specifies the objects to be included at the hardware, software, instrumentation, and data levels. The scope of the integration process can be broken down into the objects included in each integration step of each level. The PPS Replacement system is composed of the V10 Tricon and the Westinghouse ALS, as shown in Figure 1, but only the V10 Tricon is within the scope of this SIntP; thus multiple levels of integration are not required. However, several integration steps will be required at that single level.

2.2 Integration Objects and Strategies
This section lists all objects included in each integration step as well as a strategy for the integration process. As mentioned in section 1.1 of this document, the three integration steps are executed sequentially:
1) Integrating software units (functions, programs) in each TSAP.
2) Integrating software with V10 Tricon hardware (chassis, MP, TCM, and I/O modules).
3) Testing the integrated system with simulated I/O signals and the Maintenance Workstation.


3 Integration Marginal Conditions

3.1 Integration and Testing Environment
This section describes the environment that is used to perform and test each step of the integration process. The Regulatory Guide 1.152 Conformance Report [Ref. 1.4.4.24] describes the controls that ensure a secure design and operating environment during V10 Tricon Protection Set development and integration activities.


3.3 Integration Risks
A risk analysis is performed and documented in the Safety Analysis 993754-1-915 [Ref. 1.4.4.30], where the risks will be identified and preventive measures will be listed to mitigate the risks. Section 3.3 of NUREG/CR-6101 [Ref. 1.4.3.1] states that the purpose of risk analysis (logic, data, interface, constraint, and timing and sizing analysis) is to verify that the design correctly and consistently incorporates the system safety requirements, identifies safety-critical software design elements, and detects errors that might result in violations of the system safety requirements.

3.4 Other Marginal Conditions
There are no other marginal conditions.


4 Organization of Integration

4.1 Integration Network Plan
The order of the integration steps follows a time sequence determined primarily by the dependencies among the integration steps (other factors can also influence this order). Steps at more detailed levels are generally required to be completed successfully before a step at a more general level can be performed.

The integration sequence is shown in Figure 4 Integration Process Sequence below. After the factory acceptance test results are accepted by PG&E (which may require returning to previous project life cycle phases and regression analysis and testing), the final Nuclear IV&V report is generated, and the project enters the Delivery Phase. Once the System Integration Document Package is signed off and the equipment is packaged, the system integration activities under this plan end. It is important that the quality records (e.g., design documentation, TSAP project files, and Nuclear IV&V reports) are packaged with the validated V10 Tricon Protection Set equipment and shipped to the customer. Therefore, the scope of this plan extends past the software-hardware integration steps to include final packaging for shipment to the customer.

4.2 Personnel and Responsibilities
The full details on project personnel, their responsibilities, and project organizational structure are discussed in the Project Management Plan (PMP) [Ref. 1.4.4.22].

Referring to Figure 3, PPS Replacement Project Organization Structure, in the PMP, the following two highlighted groups will be responsible for software integration:
1) Software Design
2) Nuclear Independent Verification & Validation (IV&V) Staff

The customer technical requirements are translated into project documents and drawings such as the project Software Requirements Specification (SRS)[2] [Ref. 1.4.4.11, 1.4.4.12, 1.4.4.13, and 1.4.4.14], which, in turn, is translated into software design configuration items in the Software Design Description (SDD) [Ref. 1.4.4.26, 1.4.4.27, 1.4.4.28, and 1.4.4.29]. Then the Software Design team, under direction of the Project Engineer, develops the TriStation Application Project (TSAP) using TriStation 1131.

The V10 Tricon Protection Sets will be built by the Hardware Design team, also under direction of the Project Engineer, based on the project Hardware Requirements Specification (HRS)[3] [Ref. 1.4.4.15, 1.4.4.16, 1.4.4.17, and 1.4.4.18] that has been translated into mechanical and electrical drawings. After assembly and QA/QC checkout, the V10 Tricon Protection Set equipment will be transferred to Nuclear IV&V for Hardware Validation Testing [Ref. 1.4.4.33] and Factory Acceptance Testing [Ref. 1.4.4.34] in accordance with the Software Verification and Validation Plan [Ref. 1.4.4.19].

The personnel who will be involved in the integration activity are listed and kept up to date in accordance with the NSIPM [Ref. 1.4.4.3]. A copy of project personnel qualification and training records will be included in the PPS Replacement Project document file. See the Project Management Plan [Ref. 1.4.4.22] for additional details on project training requirements.

[2] An SRS will be developed for each of the four PPS Protection Sets. For simplicity, they will be identified collectively as 993754-1-809 [Ref. 1.4.4.11, 1.4.4.12, 1.4.4.13, and 1.4.4.14].

[3] An HRS will be developed for each of the four PPS Protection Sets. For simplicity, they will be identified collectively as 993754-1-807 [Ref. 1.4.4.15, 1.4.4.16, 1.4.4.17, and 1.4.4.18].


5 Integration Procedures
This section discusses the inputs to each integration step, describes the procedures for obtaining the input items for the integration process steps, lists the outputs of the integration steps, discusses contingency strategies if the integration fails to complete, describes the procedures for delivering the completed integration product to the configuration management organization, and describes the procedures for delivering the completed integration product to the Nuclear IV&V organization for software verification and system validation testing.


5.4 Special Handling
Integration items are handled and stored in accordance with material handling and storage procedures.

Safety-related integration materials, once accepted, will be secured in an access-controlled location, separated from non-safety-related material. Design security provisions are provided to limit access to design information as required by the Project Management Plan [Ref. 1.4.4.22] and Section 4.1.6 of PPM 8.0, System Integration Implementation [Ref. 1.4.4.2] (NTX-SER-09-21, Rev. 1, Nuclear System Integration Program Manual).

Materials are clearly identified as to part number, purchase order number, and inspection status. Safety-related items are stored and maintained in the designated safety-related storage area. Uninspected and nonconforming items are segregated from accepted items to the extent practical. Accepted safety-related items are released from the safety-related storage area only for staging, assembly, or test.