Text

Periodic Review RG 1.168 Revision 2

Regulatory Guide Number: 1.168, Revision 2

Title:

Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plant

Office/Division/Branch: NRR/DEX/EICB

Technical Lead: William Roggenbrodt

Staff Action Decided: Revise

1. What are the known technical or regulatory issues with the curr ent version of the Regulatory Guide (RG)?

The current version of this RG states, Software used in nuclea r power plant safety systems should be assigned Integrity Level 4 or the equivalent, as demonstrated by a mapping between the applicant or licensee approach and integr ity Level 4 as defined in Institute of Electrical and Electronics Engineers St andard (IEEE Std.)

1012-2004. Specifying an integrity Level 4 scheme 1 correlates to the maximum number of Verification and Validation (V&V) tasks specified in the standard, which continues to increase with newer versions of the standard. Such an approach does not seem aligned with the objectives realized during the last s everal years efforts to modernize the digital Instrumentation and Controls (I&C) regula tory infrastructure, which include performing regulatory I&C reviews in an efficient, effective, consistent, and risk-informed manner. Furthermore, such an approach does no t seem aligned with the overall intent of the standard, in which the user defi nes the integrity level and uses a graded approach for the V&V tasks.

The current scope of IEEE Std. 1012-2016 has expanded to includ e both system and hardware activities, whereas the scope of the IEEE Std. ref erenced in the current version of RG 1.168 only discusses software V&V activit ies. The staff would like to consider endorsing IEEE Std. 1012-2016, with potential exceptions and additions, in the revision to RG 1.168.

In addition, the significant changes have been made to the appr oaches and methods to design, develop, and test software since IEEE Std. 1 012-2004 was issued, which are reflected in IEEE Std. 1012-2016.

2. What is the impact on internal and external stakeholders of not updating the RG for the known issues, in terms of anticipated numbers of lic ensing and inspection activities over the next several years?

The approach of specifying an Integrity Level 4 in the current version of the RG could unnecessarily result in potential inefficiencies in the industr y use of this standard and

1The standard defines four integrity levels where 4 is the hig hest level. The degree of rigor and intensity in performing and documenting any V&V tasks associated with a system, software, o r hardware work product is commensurate with the integrity level.

staffs licensing reviews. This is evident when the Nuclear Pow er Engineering Committee (NPEC) subcommittee for the IEEE 7-4.3.2, IEEE Stand ard Criteria for Programmable Digital Devices in Safety Systems of Nuclear Power Generating Stations, recently voted to explore the use of International E lectrotechnical Commission (IEC) Standards versus the use of IEEE-1012.

Additionally, licensees may not be able to take advantage of th e latest approaches for efficiencies addressing digital I&C technical issues that h ave been incorporated into the current version of IEEE Std. 1012-2016. These include: (1) rearranging some V&V activities and tasks to facilitate understanding and ease o f use; and (2) emphasizing a series of concepts throughout the standard (e.g., intensity and rigor applied to V&V tasks).

3. What is an estimate of the level of effort needed to address id entified issues in terms of full-time equivalent (FTE) and contractor resources ?

Approximately.3 FTE.

4. Based on the answers to the questions above, what is the staff action for this guide?

Based on the results of the periodic review, the staff conclude s that a revision to RG 1.168, Revision 2 is warranted.

5. Provide a conceptual plan and timeframe to address the issues i dentified during the review.

Completion of a draft RG for public comment is expected to take 9-12 months upon starting in fiscal year 2024, based on current resources and ot her digital I&C priorities.

NOTE: This review was conducted in December 2023 and reflects the staffs plans as of that date. These plans are tentative and subject to change.