• Journal of Internet Computing and Services
• /
• v.20 no.3
• /
• pp.1-11
• /
• 2019

Today's software systems are becoming larger and more complicated, and the risk of accidents and failures have also grown larger. Software failures and accidents in industrial fields such as automobiles, nuclear power plants, railroad industries, etc. may lead to severe damage of property and human life. The safety-related international standards, such as IEC 61508 have been established and applied to industries for decades. The safety life cycle specified in the standards emphasize the activities to develop safety requirements through hazard and risk analysis in the early stage of software development. In this paper, we propose 'Hazard Analysis Process based on STPA using SysML' in order to ensure the safety of software at the early stage of software development. The proposed hazard analysis can be effectively performed minimizing the loss of hazard by using the BDD and the IBD of SysML to define the control structure of a system. The proposed method also improves the specification of the safety constraints(requirement) by using SD. As a result, it is possible to identify the hazard without missing and identify the hazard scenarios in detail, and safety can be sufficiently ensured in the early stage of software development.

• Journal of Energy Engineering
• /
• v.7 no.1
• /
• pp.96-102
• /
• 1998

The use of computers as part of nuclear safety systems elicits additional requirements-software verification and validation (v/v), hardware qualification-not specifically addressed in general industry fields. The computer used in nuclear power plants is a system that includes computer hardware, software, firmware, and interfaces. To develop the computer systems graded with nuclear safety class, the developing environments have to be required in advance and the developed software have to be verified and validated in accordance with nuclear code and standards. With this requirements, the test facility for Inadequate Core Cooling Monitoring System (ICCMS) as one of safety systems in the nuclear power plants was developed. The test facility consists of three(3) parts such as Input/Output (I/O) simulator, Plant Data Acqusition System (PDAS) cabinets and supervisory computer. The performance of the system was validated by manual test procedure.

• Nuclear Engineering and Technology
• /
• v.45 no.4
• /
• pp.489-504
• /
• 2013

Software safety for nuclear reactor protection systems (RPSs) is the most important requirement for the obtainment of permission for operation and export from government authorities, which is why it should be managed with well-experienced software development processes. The RPS software is typically modeled with function block diagrams (FBDs) in the design phase, and then mechanically translated into C programs in the implementation phase, which is finally compiled into executable machine codes and loaded on RPS hardware - PLC (Programmable Logic Controller). Whereas C Compilers are fully-verified COTS (Commercial Off-The-Shelf) software, translators from FBDs to C programs are provided by PLC vendors. Long-term experience, experiments and simulations have validated their correctness and function safety. This paper proposes a behavior-preserving translation from FBD design to C implementation for RPS software. It includes two sets of translation algorithms and rules as well as a prototype translator. We used an example of RPS software in a Korean nuclear power plant to demonstrate the correctness and effectiveness of the proposed translation.

• Journal of KIISE:Software and Applications
• /
• v.32 no.2
• /
• pp.108-118
• /
• 2005

The software of the nuclear power plant digital control system is a safety-critical system where many techniques must be applied to it in order to preserve safety in the whole system. Formal specifications especially allow the system to be clearly and completely specified in the early requirements specification phase, therefore making it a trusted method for increasing safety. In this paper, we discuss a systematic method, which generates PLC-based FBD programs from the requirements specification using NuSCR, a formal requirements specification method. This FBD programs takes an important position in design specification. The proposed method can reduce the possible errors occur in the manual design specification, and the software development cost and time. To investigate the usefulness of our proposed method, we introduce the fixed set-point rising trip example, a trip logic of BP in DPPS RPS, which is presently being developed at KNICS.

• Journal of the Korea Safety Management & Science
• /
• v.10 no.1
• /
• pp.83-90
• /
• 2008

Development of human-system interfaces (HSI) supporting the interaction between human and automation-based systems, particularly safety-critical sociotechnial systems, entails a wide range of design and evaluation problems. To help HSI designers deal with these problems, many methodologies from traditional human-computer interaction, software engineering, and systems engineering have been applied; however, they have been proved inadequate to develop cognitively well engineered HSI. This paper takes a viewpoint that HSI development is itself a cognitive process consisting of various decision making and problem solving activities and then proposes a design requirements-driven process for developing HSI. High-level design problems and their corresponding design requirements for visual information display are explained to clarify the concept of design requirements. Lastly, conceptual design of software system to support the requirements-driven process and designers' knowledge management is described.

• Journal of Ocean Engineering and Technology
• /
• v.24 no.6
• /
• pp.103-108
• /
• 2010

WIG crafts are high speed vessels with the features of a dynamic supported craft. These crafts, which are predominantly lightweight and operate at substantially greater speeds than conventional craft, could not be accommodated under traditional maritime safety instruments. WIG crafts inherently possess more hazard factors than conventional ships because of their relatively high speed, lightweight, and navigational characteristics, and an accident is likely to cause damage to the ship and a high loss of life. Because WIG crafts are composed of many systems and subsystems, the safety assessment of a WIG must use a commercial software system in the design stage. This paper reviews a safety assessment process and methodology proposed by the IMO interim guideline, which were developed in view of the configuration of WIG crafts. This safety assessment system was developed to fit the WIG's safety assessment process using a reliability analysis system widely used in commercial systems. The FHA was performed on the functional hazards of systems in the conceptual design stage.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.66 no.9
• /
• pp.1379-1384
• /
• 2017

To guarantee safety and reliability, RAMS(Reliability Availability Maintainability and Safety) activity for a communication software in train communication network is studied. In this paper, preliminary hazard analysis in RAMS activities is studied for the communication software. Preliminary hazard analysis is done through library for communication software that the specification is defined by IEC 61375. The hazards are defined, then causes and consequence for each hazard are defined. The total 36 preliminary hazards are classified. For high severity hazards are changed to acceptable level by upgrading of system requirement specification.

• Nuclear Engineering and Technology
• /
• v.29 no.6
• /
• pp.433-443
• /
• 1997

In this work, an analytic approach to the dependability of software in the operational phase is suggested with special attention to the hardware fault effects on the software behavior : The hardware faults considered are memory faults and the dependability measure in question is the reliability. The model is based on the simple reliability theory and the graph theory which represents the software with graph composed of nodes and arcs. Through proper transformation, the graph can be reduced to a simple two-node graph and the software reliability is derived from this graph. Using this model, we predict the reliability of an application software in the digital system (ILS) in the nuclear power plant and show the sensitivity of the software reliability to the major physical parameters which affect the software failure in the normal operation phase. We also found that the effects of the hardware faults on the software failure should be considered for predicting the software dependability accurately in operation phase, especially for the software which is executed frequently. This modeling method is particularly attractive for the medium size programs such as the microprocessor-based nuclear safety logic program.

• Proceedings of the Korean Nuclear Society Conference
• /
• 1995.05a
• /
• pp.602-607
• /
• 1995

This article presents safety review experience of microprocessor-based Interposing Logic System(ILS) of Engineering Safety Feature Actuation System(ESFAS). The ILS is the first application of computerized logic design to safety system in Korean nuclear power plants without verification of the system reliability by proven technology concept. As a result of evaluation for the ILS, Korea Institute of Nuclear Safety(KINS) concluded that the microprocessor-based ILS is not acceptable in some features detailed enough to defend against software common mode failures(CMF). Therefore, we required licensee to install hardwired interlock signal configuration and a Hardwired Backup Panel to control safety-related equipment. We believe that the microprocessor-based ILS with the hardwired backup panel and inter-connection of interlock signal by hardwired configuration will improve the plant safety.

• Journal of KIISE:Software and Applications
• /
• v.30 no.12
• /
• pp.1149-1157
• /
• 2003

As an Embedded system combining hardware and software gets more complicated, the importance of the embedded software test increases. Especially, it is mandatory to test the embedded software in the system which has high safety level. In embedded system, it is necessary to develop a test technique to detect faults in interaction between hardware and software. In this paper, we propose a test data selection technique using a fault injection technique for the faults in interaction between hardware and software in embedded system and we apply our technique to the Digital Plant Protection System and analyze effectiveness of the proposed technique through experiments.