WorldWideScience

Sample records for criticality safety application

  1. Software for safety critical applications

    International Nuclear Information System (INIS)

    Kropik, M.; Matejka, K.; Jurickova, M.; Chudy, R.

    2001-01-01

    The contribution gives an overview of the project of the software development for safety critical applications. This project has been carried out since 1997. The principal goal of the project was to establish a research laboratory for the development of the software with the highest requirements for quality and reliability. This laboratory was established at the department, equipped with proper hardware and software to support software development. A research team of predominantly young researchers for software development was created. The activities of the research team started with studying and proposing the software development methodology. In addition, this methodology was applied to the real software development. The verification and validation process followed the software development. The validation system for the integrated hardware and software tests was brought into being and its control software was developed. The quality of the software tools was also observed, and the SOSAT tool was used during these activities. National and international contacts were established and maintained during the project solution. (author)

  2. Software reliability for safety-critical applications

    International Nuclear Information System (INIS)

    Everett, B.; Musa, J.

    1994-01-01

    In this talk, the authors address the question "Can Software Reliability Engineering measurement and modeling techniques be applied to safety-critical applications?" Quantitative techniques have long been applied in engineering hardware components of safety-critical applications. The authors have seen a growing acceptance and use of quantitative techniques in engineering software systems but a continuing reluctance in using such techniques in safety-critical applications. The general case posed against using quantitative techniques for software components runs along the following lines: safety-critical applications should be engineered such that catastrophic failures occur less frequently than one in a billion hours of operation; current software measurement/modeling techniques rely on using failure history data collected during testing; one would have to accumulate over a billion operational hours to verify failure rate objectives of about one per billion hours

  3. Applications of PRA in nuclear criticality safety

    International Nuclear Information System (INIS)

    McLaughlin, T.P.

    1992-01-01

    Traditionally, criticality accident prevention at Los Alamos has been based on a thorough review and understanding of proposed operations or changes to operations, involving both process supervision and criticality safety staff. The outcome of this communication was usually an agreement, based on professional judgement, that certain accident sequences were credible and had to be reduced in likelihood either by administrative controls or by equipment design and others were not credible, and thus did not warrant expenditures to further reduce their likelihood. The extent of analysis and documentation was generally in proportion to the complexity of the operation but did not include quantified risk assessments. During the last three years nuclear criticality safety related Probabilistic Risk Assessments (PRAs) have been performed on operations in two Los Alamos facilities. Both of these were conducted in order to better understand the cost/benefit aspects of PRAs as they apply to largely "hands-on" operations with fissile material for which human errors or equipment failures significant to criticality safety are both rare and unique. Based on these two applications and an appreciation of the historical criticality accident record (frequency and consequences) it is apparent that quantified risk assessments should be performed very selectively

  4. Developing software for safety-critical applications

    International Nuclear Information System (INIS)

    Chudleigh, M.

    1989-01-01

    The effective implementation of many safety-critical systems involves microprocessors running software which needs to be of very high integrity. This article describes some of the problems of producing such software and the place of software within the total system. A development strategy is proposed based on three principles: the goal of defect-free development, the use of mathematical formalism, and the use of an independent team for testing. (author)

  5. A software engineering process for safety-critical software application

    International Nuclear Information System (INIS)

    Kang, Byung Heon; Kim, Hang Bae; Chang, Hoon Seon; Jeon, Jong Sun

    1995-01-01

    Application of computer software to safety-critical systems is on the increase. To be successful, the software must be designed and constructed to meet the functional and performance requirements of the system. For safety reasons, the software must be demonstrated not only to meet these requirements, but also to operate safely as a component within the system. For longer-term cost consideration, the software must be designed and structured to ease future maintenance and modifications. This paper presents a software engineering process for the production of safety-critical software for a nuclear power plant. The presentation is expository in nature of a viable high quality safety-critical software development. It is based on the ideas of a rational design process and on the experience of the adaptation of such process in the production of the safety-critical software for the shutdown system number two of Wolsung 2, 3 and 4 nuclear power generation plants. This process is significantly different from a conventional process in terms of rigorous software development phases and software design techniques. The process covers documentation, design, verification and testing using mathematically precise notations and highly reviewable tabular format to specify software requirements and software requirements and software requirements and code against software design using static analysis. The software engineering process described in this paper applies the principle of information-hiding decomposition in software design using a modular design technique so that when a change is required or an error is detected, the affected scope can be readily and confidently located. It also facilitates a sense of high degree of confidence in the 'correctness' of the software production, and provides a relatively simple and straightforward code implementation effort. 1 figs., 10 refs. (Author)

  6. Evaluating Models of Human Performance: Safety-Critical Systems Applications

    Science.gov (United States)

    Feary, Michael S.

    2012-01-01

    This presentation is part of a panel discussion on Evaluating Models of Human Performance. The purpose of this panel is to discuss the increasing use of models in the world today and specifically focus on how to describe and evaluate models of human performance. My presentation will focus on discussions of generating distributions of performance, and the evaluation of different strategies for humans performing tasks with mixed initiative (Human-Automation) systems. I will also discuss issues with how to provide Human Performance modeling data to support decisions on acceptability and tradeoffs in the design of safety critical systems. I will conclude with challenges for the future.

  7. Issues related to criticality safety analysis for burnup credit applications

    International Nuclear Information System (INIS)

    DeHart, M.D.; Parks, C.V.

    1995-01-01

    Spent fuel transportation and storage cask designs based on a burnup credit approach must consider issues that are not relevant in casks designed under a fresh fuel loading assumption. Parametric analyses are required to characterize the importance of fuel assembly and fuel cycle parameters on spent fuel composition and reactivity. Numerical models are evaluated to determine the sensitivity of criticality safety calculations to modeling assumptions. This paper discusses the results of studies to determine the effect of two important modeling assumptions on the criticality analysis of pressurized-water reactor (PWR) spent fuel: (1) the effect of assumed burnup history (i.e., specific power during and time-dependent variations in operational power) during depletion calculations, and (2) the effect of axial burnup distributions on the neutron multiplication factor calculated for a three-dimensional (3-D) conceptual cask design

  8. Safety and security profiles of industry networks used in safety-critical applications

    Directory of Open Access Journals (Sweden)

    Mária FRANEKOVÁ

    2008-01-01

    The author describes the mechanisms of safety and security profiles of industry and communication networks used within safety-related applications in technological and information levels of process control recommended according to standards IEC 61784-3,4. Nowadays the number of vendors of the safety-related communication technologies who guarantee, besides the standard communication, the communication amongst the safety-related equipment according to IEC 61508 is increasing. Also the number of safety-related products is increasing, e.g. safety Fieldbus, safety PLC, safety curtains, safety laser scanners, safety buttons, safety relays and others. According to a world survey the safety Fieldbus denoted the highest growth from all manufactured safety products. The main part of this paper is the description of the safety-related Fieldbus communication system, which has to guarantee Safety Integrity Level.

  9. Data-Centric Knowledge Discovery Strategy for a Safety-Critical Sensor Application

    Directory of Open Access Journals (Sweden)

    Nilamadhab Mishra

    2014-01-01

    In an indoor safety-critical application, sensors and actuators are clustered together to accomplish critical actions within a limited time constraint. The cluster may be controlled by a dedicated programmed autonomous microcontroller device powered with electricity to perform in-network time critical functions, such as data collection, data processing, and knowledge production. In a data-centric sensor network, approximately 3–60% of the sensor data are faulty, and the data collected from the sensor environment are highly unstructured and ambiguous. Therefore, for safety-critical sensor applications, actuators must function intelligently within a hard time frame and have proper knowledge to perform their logical actions. This paper proposes a knowledge discovery strategy and an exploration algorithm for indoor safety-critical industrial applications. The application evidence and discussion validate that the proposed strategy and algorithm can be implemented for knowledge discovery within the operational framework.

  10. Nuclear criticality safety guide

    International Nuclear Information System (INIS)

    Pruvost, N.L.; Paxton, H.C.

    1996-09-01

    This technical reference document cites information related to nuclear criticality safety principles, experience, and practice. The document also provides general guidance for criticality safety personnel and regulators

  11. Nuclear criticality safety guide

    Energy Technology Data Exchange (ETDEWEB)

    Pruvost, N.L.; Paxton, H.C. [eds.]

    1996-09-01

    This technical reference document cites information related to nuclear criticality safety principles, experience, and practice. The document also provides general guidance for criticality safety personnel and regulators.

  12. Electronics system design techniques for safety critical applications

    CERN Document Server

    Sterpone, Luca

    2008-01-01

    Addresses the development of techniques for the evaluation and the hardening of designs implemented on SRAM-based Field Programmable Gate Arrays. This title presents a design methodology solving industrial designer's needs for implementing electronic systems using SRAM-based FPGAs in critical environments, like the space or avionic ones.

  13. Assistance for design and realization of real-time safety critical applications according to Oasis

    International Nuclear Information System (INIS)

    Aussagues, Ch.; Cordonnier, Ch.; Quetueil, I.; David, V.

    1998-01-01

    Assistance for design and realization is all the more essential when safety-critical, real-time and complex applications are considered. When developing such applications, real-time and dependability features should be managed as soon as possible. Then, since the design phase, programmers have to strive even more than with common applications. In the context of the OASIS approach, assistance for design and realization is based on some intrinsic properties of the model, i.e. determinism, behavior independence and timeliness. The assistance, that may be furnished in the OASIS approach, has three complementary components that constitute the focus of this article. (authors)

  14. Nuclear criticality safety guide

    International Nuclear Information System (INIS)

    Ro, Seong Ki; Shin, Hee Seong; Park, Seong Won; Shin, Young Joon.

    1997-06-01

    Nuclear criticality safety guide was described for handling, transportation and storage of nuclear fissile materials in this report. The major part of the report was excerpted from TID-7016 (revision 2) and nuclear criticality safety written by Knief. (author). 16 tabs., 44 figs., 5 refs

  15. Application of an integrated PC-based neutronics code system to criticality safety

    International Nuclear Information System (INIS)

    Briggs, J.B.; Nigg, D.W.

    1991-01-01

    An integrated system of neutronics and radiation transport software suitable for operation in an IBM PC-class environment has been under development at the Idaho National Engineering Laboratory (INEL) for the past four years. Four modules within the system are particularly useful for criticality safety applications. Using the neutronics portion of the integrated code system, effective neutron multiplication values (k_eff values) have been calculated for a variety of benchmark critical experiments for metal systems (Plutonium and Uranium), Aqueous Systems (Plutonium and Uranium) and LWR fuel rod arrays. A description of the codes and methods used in the analysis and the results of the benchmark critical experiments are presented in this paper. In general, excellent agreement was found between calculated and experimental results. (Author)

  16. Firm Deadline Checking of Safety-Critical Java Applications with Statistical Model Checking

    DEFF Research Database (Denmark)

    Ravn, Anders P.; Thomsen, Bent; Søe Luckow, Kasper

    2017-01-01

    In cyber-physical applications many programs have hard real-time constraints that have to be stringently validated. In some applications, there are programs that have hard deadlines, which must not be violated. Other programs have soft deadlines where the value of the response decreases when...... hard deadline constraints to the case of firm deadlines for application programs written in Safety-Critical Java (SCJ). The existing approach uses models and model checking with the Uppaal toolset; the extension uses the statistical model checking features of Uppaal-smc to provide a hold on firm...... deadlines and performance in the case of soft deadlines. The extended approach is illustrated with examples from applications....

  17. Analytical Methods for Verification and Validation of Adaptive Systems in Safety-Critical Aerospace Applications, Phase I

    Data.gov (United States)

    National Aeronautics and Space Administration — A major challenge of the use of adaptive systems in safety-critical applications is the software life-cycle: requirement engineering through verification and...

  18. On the applicability of the critical safety function concept to a uranium hexafluoride conversion unit

    International Nuclear Information System (INIS)

    Santos, F.C.; Goncalves, J.S.; Melo, P.F. Frutuoso e; Medeiros, J.A.C.C.

    2013-01-01

    This paper presents a discussion on the applicability of the critical safety function (CSF) concept as a design criterion for the new UF6 conversion plant of Industrias Nucleares do Brazil (INB). This discussion is in the context of accident management, under the safety function oriented management. Safety functions may be understood as those whose loss may lead to releases of radioactive material or highly toxic chemicals, having possible radiological and/or occupational consequences for workers, the public or the environment. They should be designed to prevent criticality and to ensure adequate process confinement, thus preventing radioactive material releases that might lead to internal or external exposure and highly toxic chemical releases and exposure. The main hazard is the potential release of chemicals, especially HF and UF6. A criticality hazard exists only if the conversion facility processes uranium with a 235U concentration greater than 1%. Industrial activities for UF6 production include handling and processing explosive, toxic and lethal chemicals, such as HF, H2 and elemental F2, besides intermediate compounds containing uranium. State trees and definition of logical arrangements to construct an annunciation system are the next development stages, resulting from the establishment of applicable CSFs as representative of the various systems that make up the conversion plant. Discussed also is the biggest challenge of the development of this innovation, that is, the uncertainties related to the impact of human factors (not subject to monitoring by sensors or process conventional instrumentation). (author)

  19. Assessment of criticality safety

    International Nuclear Information System (INIS)

    Lloyd, R.C.; Heaberlin, S.W.; Clayton, E.D.; Carter, R.D.

    1979-01-01

    A study was made of 100 violations of criticality safety specifications reported over a 10-y period in the operations of fuel reprocessing plants. The seriousness of each rule violation was evaluated by assigning it a severity index value. The underlying causes or reasons for the violations were identified. A criticality event tree was constructed using the parameters, causes, and reasons found in the analysis of the infractions. The event tree provides a means for visualizing the paths to an accidental criticality. Some 65% of the violations were caused by misinterpretation on the part of the operator, being attributed to a lack of clarity in the specification and insufficient training; 33% were attributed to lack of care, whereas only 2% were caused by mechanical failure. A fault tree was constructed by assembling the events that could contribute to an accident. With suitable data on the probabilities of contributing events, the probability of the accident's occurrence can be forecast. Estimated probabilities for criticality were made, based on the limited data available, that in this case indicate a minimum time span of 244 y of plant operation per accident ranging up to approx. 3000 y subject to the various underlying assumptions made. Some general suggestions for improvement are formulated based on the cases studied. Although conclusions for other plants may differ in detail, the general method of analysis and the fault tree logic should prove applicable. 4 figures, 8 tables

  20. An Actuator Control Unit for Safety-Critical Mechatronic Applications with Embedded Energy Storage Backup

    Directory of Open Access Journals (Sweden)

    Sergio Saponara

    2016-03-01

    This paper presents an actuator control unit (ACU) with a 450-J embedded energy storage backup to face safety critical mechatronic applications. The idea is to ensure full operation of electric actuators, even in the case of battery failure, by using supercapacitors as a local energy tank. Thanks to integrated switching converter circuitry, the supercapacitors provide the required voltage and current levels for the required time to guarantee actuator operation until the system enters into safety mode. Experimental results are presented for a target application related to the control of servomotors for a robotized prosthetic arm. Mechatronic devices for rehabilitation or assisted living of injured and/or elderly people are available today. In most cases, they are battery powered with lithium-based cells, providing high energy density and low weight, but at the expense of a reduced robustness compared to lead-acid- or nickel-based battery cells. The ACU of this work ensures full operation of the wearable robotized arm, controlled through acceleration and electromyography (EMG) sensor signals, even in the case of battery failure, thanks to the embedded energy backup unit. To prove the configurability and scalability of the proposed solution, experimental results related to the electric actuation of the car door latch and of a robotized gearbox in vehicles are also shown. The reliability of the energy backup device has been assessed in a wide temperature range, from −40 to 130 °C, and in a durability test campaign of more than 10,000 cycles. Achieved results prove the suitability of the proposed approach for ACUs requiring a burst of power of hundreds of watts for only a few seconds in safety-critical applications. Alternatively, the aging and temperature characterizations of energy backup units is limited to supercapacitors of thousands of farads for high power applications (e.g., electric/hybrid propulsion) and with a temperature range limited to

  1. Assessment of criticality safety

    International Nuclear Information System (INIS)

    Clayton, E.D.

    1983-01-01

    A study was undertaken to determine concerns and possible trends in nuclear criticality safety in DOE facilities. The information gathered from specialists in the field did not indicate that serious concerns or extends exist. The program was terminated before completion

  2. Verification of MCNP6.2 for Nuclear Criticality Safety Applications

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Forrest B. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Rising, Michael Evan [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Alwin, Jennifer Louise [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-05-10

    Several suites of verification/validation benchmark problems were run in early 2017 to verify that the new production release of MCNP6.2 performs correctly for nuclear criticality safety applications (NCS). MCNP6.2 results for several NCS validation suites were compared to the results from MCNP6.1 [1] and MCNP6.1.1 [2]. MCNP6.1 is the production version of MCNP® released in 2013, and MCNP6.1.1 is the update released in 2014. MCNP6.2 includes all of the standard features for NCS calculations that have been available for the past 15 years, along with new features for sensitivity-uncertainty based methods for NCS validation [3]. Results from the benchmark suites were compared with results from previous verification testing [4-8]. Criticality safety analysts should consider testing MCNP6.2 on their particular problems and validation suites. No further development of MCNP5 is planned. MCNP6.1 is now 4 years old, and MCNP6.1.1 is now 3 years old. In general, released versions of MCNP are supported only for about 5 years, due to resource limitations. All future MCNP improvements, bug fixes, user support, and new capabilities are targeted only to MCNP6.2 and beyond.

  3. ASIC-based design of NMR system health monitor for mission/safety-critical applications.

    Science.gov (United States)

    Balasubramanian, P

    2016-01-01

    N-modular redundancy (NMR) is a generic fault tolerance scheme that is widely used in safety-critical circuit/system designs to guarantee the correct operation with enhanced reliability. In passive NMR, at least a majority (N + 1)/2 out of N function modules is expected to operate correctly at any time, where N is odd. Apart from a conventional realization of the NMR system, it would be useful to provide a concurrent indication of the system's health so that an appropriate remedial action may be initiated depending upon an application's safety criticality. In this context, this article presents the novel design of a generic NMR system health monitor which features: (i) early fault warning logic, that is activated upon the production of a conflicting result by even one output of any arbitrary function module, and (ii) error signalling logic, which signals an error when the number of faulty function modules unfortunately attains a majority and the system outputs may no more be reliable. Two sample implementations of NMR systems viz. triple modular redundancy and quintuple modular redundancy with the proposed system health monitoring are presented in this work, with a 4-bit ALU used for the function modules. The simulations are performed using a 32/28 nm CMOS process technology.

  4. Risk informed approach for complex safety-critical digital application development

    International Nuclear Information System (INIS)

    Kang, H. G.; Jang, S. C.

    2006-01-01

    Safety-critical applications should be designed with a multiple-redundancy, highly reliable components, strengthened monitoring mechanisms, and well-verified software. These features are focusing on maintaining the capability to perform the given safety function when a demand arrives. Probabilistic safety assessment (PSA) is expected to provide useful tools for balancing the safety, performance and cost aspects since it provides information on a system under design. Thanks to its design flexibility, a digital system is one of the most suitable candidates for risk-informed design (RID) of which the main goal is a reduction of system unavailability in a balanced manner. On the other hand, this greater flexibility implies a higher ambiguity in design. In order to provide information for decision making, PSA will play a very important role. However, a repeated PSA analysis for every design change is impractical. This study aims to suggest a more convenient frame for the RID procedure for digital systems even though it is not sophisticated enough at present. The safety-critical functions of the digital I and C system could be defined as: Generating an automatic actuation signal and providing information to a human operator. A high redundancy would clearly reduce the risk from the single failure of components, but raise the importance of a common cause failure (CCF) and a dependency analysis. It is also notable that the operator performance largely depends on the information supplied by information processing system. 
    The proposed procedure could be summarized by the following steps:
    - Derive the dominant risk contributors and their correlation with system unavailability
    - Determine the design factors whose characteristics are related to the dominant contributors
    - Develop an unavailability equation whose variables are design factors
    The PSA events are hard to understand for design staffs, so these events should be interpreted to the design factors which are more familiar

  5. Traceability of Software Safety Requirements in Legacy Safety Critical Systems

    Science.gov (United States)

    Hill, Janice L.

    2007-01-01

    How can traceability of software safety requirements be created for legacy safety critical systems? Requirements in safety standards are imposed most times during contract negotiations. On the other hand, there are instances where safety standards are levied on legacy safety critical systems, some of which may be considered for reuse for new applications. Safety standards often specify that software development documentation include process-oriented and technical safety requirements, and also require that system and software safety analyses are performed supporting technical safety requirements implementation. So what can be done if the requisite documents for establishing and maintaining safety requirements traceability are not available?

  6. Towards spatial isolation design in a multi-core real-time kernel targeting safety-critical applications

    DEFF Research Database (Denmark)

    Li, Gang; Top, Søren

    2013-01-01

    In mixed-criticality systems, applications naturally have different safety criticality levels. Partitioning technology is usually used to enable the integration of such mixed criticality applications upon one platform, aiming at reducing hardware, power consumption and especially certification cost....... Partitioning can prevent fault propagation among mixed-criticality applications, if spatial and temporal isolation are adequately ensured. This paper focuses on the solution of spatial isolation in the HARTEX kernel on a multi-core platform in terms of memory, communication between applications and I/O sharing....... According to formulated isolation requirements, a simple partitioning multi-core hardware architecture is proposed using SoC and memory protection units, and the kernel is extended to support spatial isolation between the kernel and applications as well as between applications. Combined design of hardware...

  7. Applications of probabilistic risk assessment to criticality safety at the Savannah River Site

    International Nuclear Information System (INIS)

    Lux, C.R.; Fisk, P.L.

    1989-01-01

    Since 1973 the Savannah River Laboratory (SRL) has used probabilistic risk assessment to determine the frequency for criticality accidents at the Savannah River Site. The Savannah River Site is unique in that it has a detailed, site specific, data bank based on 35 years of facility operation. Use of this data bank with probabilistic risk assessment precipitated facility actions which resulted in the reduction of the calculated criticality frequency by as much as two orders of magnitude. Probabilistic risk assessment has also been used to quantify the impact of non-process-related systems on criticality safety

  8. RICIS Symposium 1992: Mission and Safety Critical Systems Research and Applications

    Science.gov (United States)

    1992-01-01

    This conference deals with computer systems which control systems whose failure to operate correctly could produce the loss of life and or property, mission and safety critical systems. Topics covered are: the work of standards groups, computer systems design and architecture, software reliability, process control systems, knowledge based expert systems, and computer and telecommunication protocols.

  9. Engineering design guidelines for nuclear criticality safety

    International Nuclear Information System (INIS)

    Waltz, W.R.

    1988-08-01

    This document provides general engineering design guidelines specific to nuclear criticality safety for a facility where the potential for a criticality accident exists. The guide is applicable to the design of new SRP/SRL facilities and to major modifications of existing facilities. The document is intended as: a guide for persons actively engaged in the design process; a resource document for persons charged with design review for adequacy relative to criticality safety; a resource document for facility operating personnel. The guide defines six basic criticality safety design objectives and provides information to assist in accomplishing each objective. The guide is intended to supplement the design requirements relating to criticality safety contained in applicable Department of Energy (DOE) documents. The scope of the guide is limited to engineering design guidelines associated with criticality safety and does not include other areas of the design process, such as: criticality safety analytical methods and modeling, nor requirements for control of the design process

  10. Tank farms criticality safety manual

    International Nuclear Information System (INIS)

    FORT, L.A.

    2003-01-01

    This document defines the Tank Farms Contractor (TFC) criticality safety program, as required by Title 10 Code of Federal Regulations (CFR), Subpart 830.204(b)(6), "Documented Safety Analysis" (10 CFR 830.204(b)(6)), and US Department of Energy (DOE) O 420.1A, Facility Safety, Section 4.3, "Criticality Safety." In addition, this document contains certain best management practices, adopted by TFC management based on successful Hanford Site facility practices. Requirements in this manual are based on the contractor requirements document (CRD) found in Attachment 2 of DOE O 420.1A, Section 4.3, "Nuclear Criticality Safety," and the cited revisions of applicable standards published jointly by the American National Standards Institute (ANSI) and the American Nuclear Society (ANS) as listed in Appendix A. As an informational device, requirements directly imposed by the CRD or ANSI/ANS Standards are shown in boldface. Requirements developed as best management practices through experience and maintained consistent with Hanford Site practice are shown in italics. Recommendations and explanatory material are provided in plain type

  11. Criticality safety basics, a study guide

    International Nuclear Information System (INIS)

    Putman, V.L.

    1999-01-01

    This document is a self-study and classroom guide, for criticality safety of activities with fissile materials outside nuclear reactors. This guide provides a basic overview of criticality safety and criticality accident prevention methods divided into three parts: theory, application, and history. Except for topic emphasis, theory and history information is general, while application information is specific to the Idaho National Engineering and Environmental Laboratory (INEEL). Information presented here should be useful to personnel who must know criticality safety basics to perform their assignments safely or to design critically safe equipment or operations. However, the guide's primary target audience is fissile material handler candidates

  12. Criticality safety basics, a study guide

    Energy Technology Data Exchange (ETDEWEB)

    V. L. Putman

    1999-09-01

    This document is a self-study and classroom guide, for criticality safety of activities with fissile materials outside nuclear reactors. This guide provides a basic overview of criticality safety and criticality accident prevention methods divided into three parts: theory, application, and history. Except for topic emphasis, theory and history information is general, while application information is specific to the Idaho National Engineering and Environmental Laboratory (INEEL). Information presented here should be useful to personnel who must know criticality safety basics to perform their assignments safely or to design critically safe equipment or operations. However, the guide's primary target audience is fissile material handler candidates.

  13. Design optimization for security- and safety-critical distributed real-time applications

    DEFF Research Database (Denmark)

    Jiang, Wei; Pop, Paul; Jiang, Ke

    2016-01-01

    In this paper, we are interested in the design of real-time applications with security, safety, timing, and energy requirements. The applications are scheduled with cyclic scheduling, and are mapped on distributed heterogeneous architectures. Cryptographic services are deployed to satisfy security...... security measures for messages, the voltage and frequency levels for tasks, and the schedule tables such that the security and reliability requirements are satisfied, the application is schedulable, and the energy consumption is minimized. We propose a Tabu Search based metaheuristic to solve this problem....... Extensive experiments and a real-life application are conducted to evaluate the proposed techniques....

  14. Nuclear data for criticality safety

    International Nuclear Information System (INIS)

    Westfall, R.M.

    1994-01-01

    A brief overview is presented on emerging requirements for new criticality safety analyses arising from applications involving nuclear waste management, facility remediation, and the storage of nuclear weapons components. A derivation of criticality analyses from the specifications of national consensus standards is given. These analyses, both static and dynamic, define the needs for nuclear data. Integral data, used primarily for analytical validation, and differential data, used in performing the analyses, are listed, along with desirable margins of uncertainty. Examples are given of needs for additional data to address systems having intermediate neutron energy spectra and/or containing nuclides of intermediate mass number

  15. Safety-Critical Java for Embedded Systems

    DEFF Research Database (Denmark)

    Rios Rivas, Juan Ricardo

    Safety-critical systems are real-time systems whose failure can have severe or catastrophic consequences, possibly endangering human life. Many safety-critical systems incorporate embedded computers used to control different tasks. Software running on safety-critical systems needs to be certified...... before its deployment and the most time-consuming step of this process is the testing and verification phase. Due to the increasing complexity in safety-critical systems there is a need for new technologies that can facilitate testing and verification activities. The safety-critical specification...... for Java aims at providing a reduced set of the Java programming language that can be used for systems that need to be certified at the highest levels of criticality. Safety-critical Java (SCJ) restricts how a developer can structure an application by providing a specific programming model...

  16. Safety-critical Java for embedded systems

    DEFF Research Database (Denmark)

    Schoeberl, Martin; Dalsgaard, Andreas Engelbredt; Hansen, René Rydhof

    2016-01-01

    This paper presents the motivation for and outcomes of an engineering research project on certifiable Java for embedded systems. The project supports the upcoming standard for safety-critical Java, which defines a subset of Java and libraries aiming for development of high criticality systems....... The outcomes of this project include prototype safety-critical Java implementations, a time-predictable Java processor, analysis tools for memory safety, and example applications to explore the usability of safety-critical Java for this application area. The text summarizes developments and key contributions...

  17. Analysis using formal method and testing technique for the processor module for safety-critical application

    International Nuclear Information System (INIS)

    Choi, J. Y.; Choi, B. J.; Song, H. J.; Hwang, D. Y.; Song, G. H.; Lee, H.

    2008-06-01

    This research helps develop a nuclear power plant control system through the development of requirement specification and verification methods. As a result of applying the test method, a test standard was obtained through test documentation writing support and a test document reflecting the standard test activities based on the test standard. The specification and verification of the pCOS system and the unified testing documentation and execution help the entire project to progress and enable us to achieve the necessary documents and technology to develop a safety critical system

  18. Analysis using formal method and testing technique for the processor module for safety-critical application

    Energy Technology Data Exchange (ETDEWEB)

    Choi, J. Y.; Choi, B. J.; Song, H. J.; Hwang, D. Y.; Song, G. H.; Lee, H. [Korea University, Seoul (Korea, Republic of)]

    2008-06-15

    This research helps develop a nuclear power plant control system through the development of requirement specification and verification methods. As a result of applying the test method, a test standard was obtained through test documentation writing support and a test document reflecting the standard test activities based on the test standard. The specification and verification of the pCOS system and the unified testing documentation and execution help the entire project to progress and enable us to achieve the necessary documents and technology to develop a safety critical system.

  19. An Introduction to Formal Methods for the Development of Safety-critical Applications

    DEFF Research Database (Denmark)

    Haxthausen, Anne Elisabeth

    2010-01-01

    This report is a delivery to The Danish Government’s railway authority, Trafikstyrelsen, as a part of the Public Sector Consultancy service offered by the Technical University of Denmark. The purpose of the report is to give the reader an insight into the state-of-the-art of formal methods. The reader...... systems will be software components that must fulfill strong safety requirements: in order to get the software certified at the highest Safety Integrity Levels of the European CENELEC standards for railway applications, the software providers are expected to use formal methods....... is assumed to have some knowledge about software development, but not on formal methods. The background for the railway authorities’ interest in formal methods is the fact that during the next decade a total renewal of the Danish signalling infrastructure is going to take place. Central parts of the new...

  20. A Profile for Safety Critical Java

    DEFF Research Database (Denmark)

    Schoeberl, Martin; Søndergaard, Hans; Thomsen, Bent

    2007-01-01

    We propose a new, minimal specification for real-time Java for safety critical applications. The intention is to provide a profile that supports programming of applications that can be validated against safety critical standards such as DO-178B [15]. The proposed profile is in line with the Java...... specification request JSR-302: Safety Critical Java Technology, which is still under discussion. In contrast to the current direction of the expert group for the JSR-302 we do not subset the rather complex Real-Time Specification for Java (RTSJ). Nevertheless, our profile can be implemented on top of an RTSJ...

  1. Understanding the application of knowledge management to the safety critical facilities

    International Nuclear Information System (INIS)

    Ilina, Elena

    2010-01-01

    Challenges to the operating nuclear power plants and transport infrastructures are outlined. It is concluded that most aggravating factors are related to knowledge. Thus, of necessity, effective knowledge management is required. Knowledge management theories are reviewed in their historical perspective as a natural extension and unification of information theories and theories about learning. The first line is identified with names as Wiener, Ashby, Shannon, Jaynes, Dretske, Harkevich. The second line - with Vygotsky, Engestroem, Carayannis. The recent developments of knowledge management theorists as Davenport, Prusak, Drew, Wiig, Zack are considered stressing learning, retaining of knowledge, approaching the state awareness of awareness, and alignment of knowledge management with the strategy of the concerned organizations. Further, some of the details and results are presented of what is achieved so far. More specifically, knowledge management tools are applied to the practical work activities as event reporting, data collection, condition assessment, verification of safety functions and incident investigation. Obstacles are identified and improvements are proposed. Finally, it is advised to continue to implement and further develop knowledge management tools in the organizations involved in various aspects of safety critical facilities

  2. Continuous-energy version of KENO V.a for criticality safety applications

    International Nuclear Information System (INIS)

    Dunn, Michael E.; Greene, N. Maurice; Petrie, Lester M.

    2003-01-01

    KENO V.a is a multigroup Monte Carlo code that solves the Boltzmann transport equation and is used extensively in the criticality safety community to calculate the effective multiplication factor of systems with fissionable material. In this work, a continuous-energy or pointwise version of KENO V.a has been developed by first designing a new continuous-energy cross-section format and then by developing the appropriate Monte Carlo transport procedures to sample the new cross-section format. In order to generate pointwise cross sections for a test library, a series of cross-section processing modules were developed and used to process 50 ENDF/B-6 Release 7 nuclides for the test library. Once the cross-section processing procedures were in place, a continuous-energy version of KENO V.a was developed and tested by calculating 21 critical benchmark experiments. The point KENO-calculated results for the 21 benchmarks are in agreement with calculated results obtained with the multigroup version of KENO V.a using the 238-group ENDF/B-5 and 199-group ENDF/B-6 Release 3 libraries. Based on the calculated results with the prototypic cross-section library, a continuous-energy version of the KENO V.a code has been successfully developed and demonstrated for modeling systems with fissionable material. (author)

  3. AGING FACILITY CRITICALITY SAFETY CALCULATIONS

    International Nuclear Information System (INIS)

    C.E. Sanders

    2004-01-01

    The purpose of this design calculation is to revise and update the previous criticality calculation for the Aging Facility (documented in BSC 2004a). This design calculation will also demonstrate and ensure that the storage and aging operations to be performed in the Aging Facility meet the criticality safety design criteria in the "Project Design Criteria Document" (Doraswamy 2004, Section 4.9.2.2), and the functional nuclear criticality safety requirement described in the "SNF Aging System Description Document" (BSC [Bechtel SAIC Company] 2004f, p. 3-12). The scope of this design calculation covers the systems and processes for aging commercial spent nuclear fuel (SNF) and staging Department of Energy (DOE) SNF/High-Level Waste (HLW) prior to its placement in the final waste package (WP) (BSC 2004f, p. 1-1). Aging commercial SNF is a thermal management strategy, while staging DOE SNF/HLW will make loading of WPs more efficient (note that aging DOE SNF/HLW is not needed since these wastes are not expected to exceed the thermal limits for emplacement) (BSC 2004f, p. 1-2). The description of the changes in this revised document is as follows: (1) Include DOE SNF/HLW in addition to commercial SNF per the current "SNF Aging System Description Document" (BSC 2004f). (2) Update the evaluation of Category 1 and 2 event sequences for the Aging Facility as identified in the "Categorization of Event Sequences for License Application" (BSC 2004c, Section 7). (3) Further evaluate the design and criticality controls required for a storage/aging cask, referred to as MGR Site-specific Cask (MSC), to accommodate commercial fuel outside the content specification in the Certificate of Compliance for the existing NRC-certified storage casks. In addition, evaluate the design required for the MSC that will accommodate DOE SNF/HLW. This design calculation will achieve the objective of providing the criticality safety results to support the preliminary design of the Aging

  4. User-oriented information access by information need recontextualisation and articulation. Application in nuclear criticality safety

    International Nuclear Information System (INIS)

    Medini, Lionel

    2001-01-01

    This research thesis addresses the design methodology of a system of access to information which is based on an access to relevant information with respect to user needs. In a first part, the author addresses the various issues related to access to information and to information understanding. The next part addresses the involved methods and tools and presents the operational approach adopted for this research regarding access to information. Different disciplines are addressed (knowledge management, ergonomics and information science) and different technologies are used (W3 and XML, DVP, ActiveX, pdf format and the Adobe suite). In the core chapter, the author reports the design of a LMCE (a multi-user book of electronic knowledge) which allows both hypermedia navigation in knowledge diagrams and a construction of a document query. This design is based on a knowledge-management modelling to define diagrams, on ergonomics modelling for user profile identification, and on information science for a specific indexing of the information system. The prototype can be visualized with a web browser such as Internet Explorer 5. The author reports a first assessment and discusses the contribution of his approach to the problematic of access to information which is to be applied to nuclear criticality safety

  5. Experimental study of neutron noise with criticality safety applications in mind

    International Nuclear Information System (INIS)

    Barnett, C.S.

    1985-11-01

    A study has been conducted on the statistics of detected neutrons that leaked from four subcritical reflected, enriched-uranium assemblies, to explore the feasibility of developing a criticality warning system based on neutron noise analysis. Studies were conducted on three possible discriminators, i.e., three signatures that might be used to discriminate among assemblies of various multiplications. The noise analysis techniques studied performed well enough in deeply subcritical situations to deserve testing in an applications environment. They have a good chance of detecting changes in reactivity that are potentially dangerous. One can expect sharpest results when doing comparisons, i.e., when comparing two records, one taken in the past under circumstances known to be normal and one taken now to search for change

  6. Nuclear Criticality Safety Department Qualification Program

    International Nuclear Information System (INIS)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1996-01-01

    The Nuclear Criticality Safety Department (NCSD) is committed to developing and maintaining a staff of highly qualified personnel to meet the current and anticipated needs in Nuclear Criticality Safety (NCS) at the Oak Ridge Y-12 Plant. This document defines the Qualification Program to address the NCSD technical and managerial qualification as required by the Y-12 Training Implementation Matrix (TIM). This Qualification Program is in compliance with DOE Order 5480.20A and applicable Lockheed Martin Energy Systems, Inc. (LMES) and Y-12 Plant procedures. It is implemented through a combination of WES plant-wide training courses and professional nuclear criticality safety training provided within the department. This document supersedes Y/DD-694, Revision 2, 2/27/96, Qualification Program, Nuclear Criticality Safety Department. There are no backfit requirements associated with revisions to this document

  7. AGING FACILITY CRITICALITY SAFETY CALCULATIONS

    Energy Technology Data Exchange (ETDEWEB)

    C.E. Sanders

    2004-09-10

    The purpose of this design calculation is to revise and update the previous criticality calculation for the Aging Facility (documented in BSC 2004a). This design calculation will also demonstrate and ensure that the storage and aging operations to be performed in the Aging Facility meet the criticality safety design criteria in the "Project Design Criteria Document" (Doraswamy 2004, Section 4.9.2.2), and the functional nuclear criticality safety requirement described in the "SNF Aging System Description Document" (BSC [Bechtel SAIC Company] 2004f, p. 3-12). The scope of this design calculation covers the systems and processes for aging commercial spent nuclear fuel (SNF) and staging Department of Energy (DOE) SNF/High-Level Waste (HLW) prior to its placement in the final waste package (WP) (BSC 2004f, p. 1-1). Aging commercial SNF is a thermal management strategy, while staging DOE SNF/HLW will make loading of WPs more efficient (note that aging DOE SNF/HLW is not needed since these wastes are not expected to exceed the thermal limits for emplacement) (BSC 2004f, p. 1-2). The description of the changes in this revised document is as follows: (1) Include DOE SNF/HLW in addition to commercial SNF per the current "SNF Aging System Description Document" (BSC 2004f). (2) Update the evaluation of Category 1 and 2 event sequences for the Aging Facility as identified in the "Categorization of Event Sequences for License Application" (BSC 2004c, Section 7). (3) Further evaluate the design and criticality controls required for a storage/aging cask, referred to as MGR Site-specific Cask (MSC), to accommodate commercial fuel outside the content specification in the Certificate of Compliance for the existing NRC-certified storage casks. In addition, evaluate the design required for the MSC that will accommodate DOE SNF/HLW. This design calculation will achieve the objective of providing the

  8. Study of neutron noise from reflected, metal assemblies with criticality safety applications in mind

    International Nuclear Information System (INIS)

    Barnett, C.S.

    1985-01-01

    The author studied the statistics of detected neutrons that leaked from four subcritical reflected, enriched-uranium assemblies, to explore the feasibility of developing a criticality warning system based on neutron noise analysis. The calculated multiplication factors of the assemblies are 0.59, 0.74, 0.82, and 0.92. The author studied three possible discriminators, i.e., three signatures that might be used to discriminate among assemblies of various multiplications. They are: (1) variance-to-mean ratio of the counts in a time bin (V/M); (2) covariance-to-mean ratio of the counts in a common time bin from two different detectors (C/M); and (3) covariance-to-mean ratio of the counts from a single detector in two adjacent time bins of equal length, which the author calls the serial-covariance-to-mean ratio (SC/M). The performances of the three discriminators were not greatly different, but a hierarchy did emerge: SC/M greater than or equal to V/M greater than or equal to C/M. An example of some results: in the neighborhood of k = 0.6 the Δk required for satisfactory discrimination varies from about 3% to 7% as detector solid angle varies from 19% to 5%. In the neighborhood of k = 0.8 the corresponding Δks are 1% and 2%. The noise analysis techniques studied performed well enough in deeply subcritical situations to deserve testing in an applications environment. They have a good chance of detecting changes in reactivity that are potentially dangerous. One can expect sharpest results when doing comparisons, i.e., when comparing two records, one taken in the past under circumstances known to be normal and one taken now to search for change

  9. Study of neutron noise from reflected, metal assemblies with criticality safety applications in mind

    International Nuclear Information System (INIS)

    Barnett, C.S.

    1985-01-01

    The author studied the statistics of detected neutrons that leaked from four subcritical reflected, enriched-uranium assemblies, to explore the feasibility of developing a criticality warning system based on neutron noise analysis. The calculated multiplication factors of the assemblies are 0.59, 0.74, 0.82, and 0.92. The author studied three possible discriminators, i.e., three signatures that might be used to discriminate among assemblies of various multiplications. They are (1) variance-to-mean ratio of the counts in a time bin (V/M), (2) covariance-to-mean ratio of the counts in a common time bin from two different detectors (C/M), (3) covariance-to-mean ratio of the counts from a single detector in two adjacent time bins of equal length, which the author calls the serial-covariance-to-mean ratio (SC/M). The performances of the three discriminators were not greatly different, but a hierarchy did emerge: SC/M greater than or equal to V/M greater than or equal to C/M. An example of some results: in the neighborhood of k = 0.6 the Δk required for satisfactory discrimination varies from about 3% to 7% as detector solid angle varies from 19% to 5%. In the neighborhood of k = 0.8 the corresponding Δks are 1% and 2%. The noise analysis techniques studied performed well enough in deeply subcritical situations to deserve testing in an applications environment. They have a good chance of detecting changes in reactivity that are potentially dangerous. One can expect sharpest results when doing comparison, i.e., when comparing two records, one taken in the past under circumstances known to be normal and one taken now to search for change

  10. Autoclave nuclear criticality safety analysis

    Energy Technology Data Exchange (ETDEWEB)

    D'Aquila, D.M. [Martin Marietta Energy Systems, Inc., Piketon, OH (United States)]; Tayloe, R.W. Jr. [Battelle, Columbus, OH (United States)]

    1991-12-31

    Steam-heated autoclaves are used in gaseous diffusion uranium enrichment plants to heat large cylinders of UF₆. Nuclear criticality safety for these autoclaves is evaluated. To enhance criticality safety, systems are incorporated into the design of autoclaves to limit the amount of water present. These safety systems also increase the likelihood that any UF₆ inadvertently released from a cylinder into an autoclave is not released to the environment. Up to 140 pounds of water can be held up in large autoclaves. This mass of water is sufficient to support a nuclear criticality when optimally combined with 125 pounds of UF₆ enriched to 5 percent U²³⁵. However, water in autoclaves is widely dispersed as condensed droplets and vapor, and is extremely unlikely to form a critical configuration with released UF₆.

  11. SCALE criticality safety verification and validation package

    International Nuclear Information System (INIS)

    Bowman, S.M.; Emmett, M.B.; Jordan, W.C.

    1998-01-01

    Verification and validation (V and V) are essential elements of software quality assurance (QA) for computer codes that are used for performing scientific calculations. V and V provides a means to ensure the reliability and accuracy of such software. As part of the SCALE QA and V and V plans, a general V and V package for the SCALE criticality safety codes has been assembled, tested and documented. The SCALE criticality safety V and V package is being made available to SCALE users through the Radiation Safety Information Computational Center (RSICC) to assist them in performing adequate V and V for their SCALE applications

  12. Challenges in the application of burn-up credit to the criticality safety of the THORP reprocessing plant

    International Nuclear Information System (INIS)

    Mayson, R.T.H.; Gunston, K.J.

    1999-01-01

    Since 1991 BNFL has made a significant investment in the development of the burn-up credit method and the application to its operations. It has recently demonstrated that using this method for the THORP dissolvers, it is possible to justify operating safety with reduced neutron poison concentrations and this has now been submitted to the regulators. The continued challenges the criticality safety community is facing are to show that we are not reducing safety levels because we are using burn-up credit. The burn-up credit method that has been developed can be summarized as follows. It consists of performing reactivity calculations for irradiated fuel using compositions generated by an inventory prediction code, generally in order to determine the limiting burn-up required for that fuel in a particular environment. In addition, it has always been envisaged that a confirmatory measurement of burn-up would be required to be made prior to certain operations such as the shearing of fuel into a dissolver. The burn-up credit method therefore relies upon three key components of inventory prediction, reactivity calculation code and the quantification and verification of burn-up. (J.P.N.)

  13. A desktop 3D printer in safety-critical Java

    DEFF Research Database (Denmark)

    Strøm, Tórur Biskopstø; Schoeberl, Martin

    2012-01-01

    It is desirable to bring Java technology to safety-critical systems. To this end The Open Group has created the safety-critical Java specification, which will allow Java applications, written according to the specification, to be certifiable in accordance with safety-critical standards. Although...... there exist several safety-critical Java framework implementations, there is a lack of safety-critical use cases implemented according to the specification. In this paper we present a 3D printer and its safety-critical Java level 1 implementation as a use case. With basis in the implementation we evaluate...

  14. HSE's safety assessment principles for criticality safety

    International Nuclear Information System (INIS)

    Simister, D N; Finnerty, M D; Warburton, S J; Thomas, E A; Macphail, M R

    2008-01-01

    The Health and Safety Executive (HSE) published its revised Safety Assessment Principles for Nuclear Facilities (SAPs) in December 2006. The SAPs are primarily intended for use by HSE's inspectors when judging the adequacy of safety cases for nuclear facilities. The revised SAPs relate to all aspects of safety in nuclear facilities including the technical discipline of criticality safety. The purpose of this paper is to set out for the benefit of a wider audience some of the thinking behind the final published words and to provide an insight into the development of UK regulatory guidance. The paper notes that it is HSE's intention that the Safety Assessment Principles should be viewed as a reflection of good practice in the context of interpreting primary legislation such as the requirements under site licence conditions for arrangements for producing an adequate safety case and for producing a suitable and sufficient risk assessment under the Ionising Radiations Regulations 1999 (SI1999/3232 www.opsi.gov.uk/si/si1999/uksi_19993232_en.pdf). (memorandum)

  15. An architecture pattern for safety critical automated driving applications: Design and analysis

    NARCIS (Netherlands)

    Luo, Y.; Saberi, A.K.; Bijlsma, T.; Lukkien, J.J.; Brand, M. van den

    2017-01-01

    Introduction of automated driving increases complexity of automotive systems. As a result, architecture design becomes a major concern for ensuring non-functional requirements such as safety, and modifiability. In the ISO 26262 standard, architecture patterns are recommended for system development.

  16. Development of a test rig and its application for validation and reliability testing of safety-critical software

    International Nuclear Information System (INIS)

    Thai, N.D.; McDonald, A.M.

    1995-01-01

    This paper describes a versatile test rig developed by AECL for functional testing of safety-critical software used in the process trip computers of the Wolsong CANDU stations. The description covers the hardware and software aspects of the test rig, the test language and its interpreter, and other major testing software utilities such as the test oracle, sampler and profiler. The paper also discusses the application of the rig in the final stages of testing of the process trip computer software, namely validation and reliability tests. It shows how random test cases are generated, test scripts prepared and automatically run on the test rig. The versatility of the rig is further demonstrated in other types of testing such as sub-system tests, verification of the test oracle, testing of newly-developed test script, self-test and calibration. (author). 5 tabs., 10 figs

  17. Nuclear criticality safety in Canada

    International Nuclear Information System (INIS)

    Shultz, K.R.

    1980-04-01

    The approach taken to nuclear criticality safety in Canada has been influenced by the historical development of participants. The roles played by governmental agencies and private industry since the Atomic Energy Control Act was passed into Canadian Law in 1946 are outlined to set the scene for the current situation and directions that may be taken in the future. Nuclear criticality safety puts emphasis on the control of materials called special fissionable material in Canada. A brief account is given of the historical development and philosophy underlying the existing regulations governing special fissionable material. Subsequent events have led to a change in emphasis in the regulatory process that has not yet been fully integrated into Canadian legislation and regulations. Current efforts towards further development of regulations governing the practice of nuclear criticality safety are described. (auth)

  18. Nuclear criticality safety in Canada

    International Nuclear Information System (INIS)

    Shultz, K.R.

    1980-01-01

    The approach taken to nuclear criticality safety in Canada has been influenced by the historical development of participants. The roles played by governmental agencies and private industry since the Atomic Energy Control Act was passed into Canadian Law in 1946 are outlined to set the scene for the current situation and directions that may be taken in the future. Nuclear criticality safety puts emphasis on the control of materials called special fissionable material in Canada. A brief account is given of the historical development and philosophy underlying the existing regulations governing special fissionable material. Subsequent events have led to a change in emphasis in the regulatory process that has not yet been fully integrated into Canadian legislation and regulations. Current efforts towards further development of regulations governing the practice of nuclear criticality safety are described

  19. Anatomy of safety-critical computing problems

    International Nuclear Information System (INIS)

    Swu Yih; Fan Chinfeng; Shirazi, Behrooz

    1995-01-01

    This paper analyzes the obstacles faced by current safety-critical computing applications. The major problem lies in the difficulty to provide complete and convincing safety evidence to prove that the software is safe. We explain this problem from a fundamental perspective by analyzing the essence of safety analysis against that of software developed by current practice. Our basic belief is that in order to perform a successful safety analysis, the state space structure of the analyzed system must have some properties as prerequisites. We propose the concept of safety analyzability, and derive its necessary and sufficient conditions; namely, definability, finiteness, commensurability, and tractability. We then examine software state space structures against these conditions, and affirm that the safety analyzability of safety-critical software developed by current practice is severely restricted by its state space structure and by the problem of exponential growth cost. Thus, except for small and simple systems, the safety evidence may not be complete and convincing. Our concepts and arguments successfully explain the current problematic situation faced by the safety-critical computing domain. The implications are also discussed

  20. Nuclear Criticality Safety Data Book

    International Nuclear Information System (INIS)

    Hollenbach, D. F.

    2016-01-01

    The objective of this document is to support the revision of criticality safety process studies (CSPSs) for the Uranium Processing Facility (UPF) at the Y-12 National Security Complex (Y-12). This design analysis and calculation (DAC) document contains development and justification for generic inputs typically used in Nuclear Criticality Safety (NCS) DACs to model both normal and abnormal conditions of processes at UPF to support CSPSs. This will provide consistency between NCS DACs and efficiency in preparation and review of DACs, as frequently used data are provided in one reference source.

  1. Nuclear Criticality Safety Data Book

    Energy Technology Data Exchange (ETDEWEB)

    Hollenbach, D. F. [Y-12 National Security Complex, Oak Ridge, TN (United States)]

    2016-11-14

    The objective of this document is to support the revision of criticality safety process studies (CSPSs) for the Uranium Processing Facility (UPF) at the Y-12 National Security Complex (Y-12). This design analysis and calculation (DAC) document contains development and justification for generic inputs typically used in Nuclear Criticality Safety (NCS) DACs to model both normal and abnormal conditions of processes at UPF to support CSPSs. This will provide consistency between NCS DACs and efficiency in preparation and review of DACs, as frequently used data are provided in one reference source.

  2. Validation of programmable industrial automation systems for safety critical applications in NPP's dynamic testing

    International Nuclear Information System (INIS)

    Haapanen, P.; Korhonen, J.

    1995-01-01

    The safety assessment of programmable automation systems can not totally be based on conventional probabilistic methods because of the difficulties in quantification of the reliability of the software as well as the hardware. Additional means shall therefore be used to gain more confidence on the system dependability. One central confidence building measure is the independent dynamic testing of the completed system. An automated test harness is needed to run the required large amount of test cases in a restricted time span. The prototype dynamic testing harness for programmable digital systems developed at the Technical Research Centre of Finland (VTT) is described in the presentation. (12 refs., 2 figs., 2 tabs.)

  3. Validation of programmable industrial automation systems for safety critical applications in NPP's; dynamic testing

    International Nuclear Information System (INIS)

    Haapanen, P.; Korhonen, J.

    1995-01-01

    The safety assessment of programmable automation systems cannot be totally based on conventional probabilistic methods because of the difficulties in quantification of the reliability of the software as well as the hardware. Additional means shall therefore be used to gain more confidence on the system dependability. One central confidence building measure is the independent dynamic testing of the completed system. An automated test harness is needed to run the required large amount of test cases in a restricted time span. This paper describes a prototype dynamic testing harness for programmable digital systems developed at VTT. (author). 12 refs, 2 figs, 2 tabs

  4. Nuclear criticality safety studies applicable to spent fuel shipping cask designs and spent fuel storage

    International Nuclear Information System (INIS)

    Tang, J.S.

    1980-11-01

    Criticality analyses of water-moderated and reflected arrays of LWR fresh and spent fuel assemblies were carried out in this study. The calculated results indicate that using the assumption of fresh fuel loading in spent fuel shipping cask design leads to assembly spacings which are about twice the spacings of spent fuel loadings. Some shipping cask walls of composite lead and water are more effective neutron reflectors than water of 30.48 cm

  5. Realism in nuclear criticality safety

    International Nuclear Information System (INIS)

    McLaughlin, T. P.

    2009-01-01

    Commercial nuclear power plant operation and regulation have made remarkable progress since the Three Mile Island Accident. This is attributed largely to a heavy dose of introspection and self-regulation by the industry and to a significant infusion of risk-informed and performance-based regulation by the Nuclear Regulatory Commission. This truly represents reality in action both by the plant operators and the regulators. On the other hand, the implementation of nuclear criticality safety in ex-reactor operations involving significant quantities of fissile material has not progressed, but, tragically, it has regressed. Not only is the practice of the discipline in excess of a factor of ten more expensive than decades ago; the trend continues. This unfortunate reality is attributed to a lack of coordination within the industry (as contrasted to what occurred in the reactor operations sector), and to a lack of implementation of risk-informed and performance-based regulation by the NRC. While the criticality safety discipline is orders of magnitude smaller than the reactor safety discipline, both operators and regulators must learn from the progress made in reactor safety and apply it to the former to reduce the waste, inefficiency and potentially increased accident risks associated with current practices. Only when these changes are made will there be progress made toward putting realism back into nuclear criticality safety. (authors)

  6. Experience on the FMS Communication module Development for an Application to Safety- Critical Communication Network

    International Nuclear Information System (INIS)

    Son, Kwang Seop; Lee, Jang Soo; Kim, Jung Heon

    2009-01-01

    The field bus has been developed for a network system which supports the real-time communication of various controls and automation equipment. It is known for Profibus in the field of a production automation environment. The Profibus standard uses open communication based on the ISO/OSI model. The Profibus standard uses layer 1, layer 2, layer 7. Layer 7 of Profibus FMS (Fieldbus Message Specification) provides a information and the user of a station. The high-level communication of the safety-grade PLC (POSAFE-Q) developed through the KNICS (Korea Nuclear I and C System) project is the FMS. This paper describes the design, the configuration, and the test method of the FMS communication module

  7. Multi-core System Architecture for Safety-critical Control Applications

    DEFF Research Database (Denmark)

    Li, Gang

    -core processor. A promising alternative to improve processing power and provide isolation is to adopt a multi-core architecture with on-chip isolation. In general, a specific multi-core architecture can facilitate the development and certification of safety-related systems, due to its physical isolation between....... Partitioning architecture is definitely employed to provide sufficient temporal and spatial isolation between components with different SILs in the multi-core architecture, aiming to support modular certification. It prevents failure propagation between isolated components. The dissertation focuses...... on partitioning design of both multi-core hardware and software architectures, in order to minimize efforts and cost of system certification at the integration time. Hardware architecture design concentrates on a firmware architecture on SoC platforms, providing separated hardware execution environments...

  8. Lecture notes for criticality safety

    Energy Technology Data Exchange (ETDEWEB)

    Fullwood, R.

    1992-03-01

    These lecture notes for criticality safety are prepared for the training of Department of Energy supervisory, project management, and administrative staff. Technical training and basic mathematics are assumed. The notes are designed for a two-day course, taught by two lecturers. Video tapes may be used at the options of the instructors. The notes provide all the materials that are necessary but outside reading will assist in the fullest understanding. The course begins with a nuclear physics overview. The reader is led from the macroscopic world into the microscopic world of atoms and the elementary particles that constitute atoms. The particles, their masses and sizes and properties associated with radioactive decay and fission are introduced along with Einstein's mass-energy equivalence. Radioactive decay, nuclear reactions, radiation penetration, shielding and health-effects are discussed to understand protection in case of a criticality accident. Fission, the fission products, particles and energy released are presented to appreciate the dangers of criticality. Nuclear cross sections are introduced to understand the effectiveness of slow neutrons to produce fission. Chain reactors are presented as an economy; effective use of the neutrons from fission leads to more fission resulting in a power reactor or a criticality excursion. The six-factor formula is presented for managing the neutron budget. This leads to concepts of material and geometric buckling which are used in simple calculations to assure safety from criticality. Experimental measurements and computer code calculations of criticality are discussed. To emphasize the reality, historical criticality accidents are presented in a table with major ones discussed to provide lessons-learned. Finally, standards, NRC guides and regulations, and DOE orders relating to criticality protection are presented.

  9. Lecture notes for criticality safety

    International Nuclear Information System (INIS)

    Fullwood, R.

    1992-03-01

    These lecture notes for criticality safety are prepared for the training of Department of Energy supervisory, project management, and administrative staff. Technical training and basic mathematics are assumed. The notes are designed for a two-day course, taught by two lecturers. Video tapes may be used at the options of the instructors. The notes provide all the materials that are necessary but outside reading will assist in the fullest understanding. The course begins with a nuclear physics overview. The reader is led from the macroscopic world into the microscopic world of atoms and the elementary particles that constitute atoms. The particles, their masses and sizes and properties associated with radioactive decay and fission are introduced along with Einstein's mass-energy equivalence. Radioactive decay, nuclear reactions, radiation penetration, shielding and health-effects are discussed to understand protection in case of a criticality accident. Fission, the fission products, particles and energy released are presented to appreciate the dangers of criticality. Nuclear cross sections are introduced to understand the effectiveness of slow neutrons to produce fission. Chain reactors are presented as an economy; effective use of the neutrons from fission leads to more fission resulting in a power reactor or a criticality excursion. The six-factor formula is presented for managing the neutron budget. This leads to concepts of material and geometric buckling which are used in simple calculations to assure safety from criticality. Experimental measurements and computer code calculations of criticality are discussed. To emphasize the reality, historical criticality accidents are presented in a table with major ones discussed to provide lessons-learned. Finally, standards, NRC guides and regulations, and DOE orders relating to criticality protection are presented

  10. Lecture notes for criticality safety

    Energy Technology Data Exchange (ETDEWEB)

    Fullwood, R.

    1992-03-01

    These lecture notes for criticality safety are prepared for the training of Department of Energy supervisory, project management, and administrative staff. Technical training and basic mathematics are assumed. The notes are designed for a two-day course, taught by two lecturers. Video tapes may be used at the options of the instructors. The notes provide all the materials that are necessary but outside reading will assist in the fullest understanding. The course begins with a nuclear physics overview. The reader is led from the macroscopic world into the microscopic world of atoms and the elementary particles that constitute atoms. The particles, their masses and sizes and properties associated with radioactive decay and fission are introduced along with Einstein's mass-energy equivalence. Radioactive decay, nuclear reactions, radiation penetration, shielding and health-effects are discussed to understand protection in case of a criticality accident. Fission, the fission products, particles and energy released are presented to appreciate the dangers of criticality. Nuclear cross sections are introduced to understand the effectiveness of slow neutrons to produce fission. Chain reactors are presented as an economy; effective use of the neutrons from fission leads to more fission resulting in a power reactor or a criticality excursion. The six-factor formula is presented for managing the neutron budget. This leads to concepts of material and geometric buckling which are used in simple calculations to assure safety from criticality. Experimental measurements and computer code calculations of criticality are discussed. To emphasize the reality, historical criticality accidents are presented in a table with major ones discussed to provide lessons-learned. Finally, standards, NRC guides and regulations, and DOE orders relating to criticality protection are presented.

  11. Nuclear criticality safety: 2-day training course

    International Nuclear Information System (INIS)

    Schlesser, J.A.

    1997-02-01

    This compilation of notes is presented as a source reference for the criticality safety course. At the completion of this training course, the attendee will: be able to define terms commonly used in nuclear criticality safety; be able to appreciate the fundamentals of nuclear criticality safety; be able to identify factors which affect nuclear criticality safety; be able to identify examples of criticality controls as used at Los Alamos; be able to identify examples of circumstances present during criticality accidents; have participated in conducting two critical experiments; be asked to complete a critique of the nuclear criticality safety training course

  12. Nuclear criticality safety: 2-day training course

    Energy Technology Data Exchange (ETDEWEB)

    Schlesser, J.A. [ed.] [comp.]

    1997-02-01

    This compilation of notes is presented as a source reference for the criticality safety course. At the completion of this training course, the attendee will: be able to define terms commonly used in nuclear criticality safety; be able to appreciate the fundamentals of nuclear criticality safety; be able to identify factors which affect nuclear criticality safety; be able to identify examples of criticality controls as used at Los Alamos; be able to identify examples of circumstances present during criticality accidents; have participated in conducting two critical experiments; be asked to complete a critique of the nuclear criticality safety training course.

  13. Proceedings of KURRI symposium on criticality safety

    International Nuclear Information System (INIS)

    Nishina, Kojiro; Kanda, Keiji

    1984-01-01

    On August 8, 1984, at the Reactor Application Center of the Research Reactor Institute, Kyoto University, the symposium on criticality safety was held, and 81 participants from various fields of reactor physics, nuclear fuel cycle engineering, reactor chemistry, nuclear chemistry, health physics and so on discussed the problem. The gists of the presentation are collected in this report. The contents are the techniques of evaluating criticality safety in respective fuel facilities, the system of control and its concept, the course and plan of the research on criticality safety in Japan and foreign countries, the techniques of determining multiplication factor and so on, and the review of present status, the pointing-out of problems and the report of new techniques were made. The measures coping with criticality safety have been mostly to meet urgent demand, but its fundamental examination and long term research should be carried out. This symposium was planned as the preparation for such research project, and favorable comment was given by the participants. In the next symposium, it is considered better to limit the themes and to allot more time to respective lectures. (Kako, I.)

  14. Nuclear criticality safety: 2-day training course

    International Nuclear Information System (INIS)

    Schlesser, J.A.

    1992-11-01

    This compilation of notes is presented as a source reference for the criticality safety course. At the completion of this training course, the attendee will: (1) be able to define terms commonly used in nuclear criticality safety; (2) be able to appreciate the fundamentals of nuclear criticality safety; (3) be able to identify factors which affect nuclear criticality safety; (4) be able to identify examples of criticality controls as used at Los Alamos; (5) be able to identify examples of circumstances present during criticality accidents; (6) have participated in conducting two critical experiments

  15. Application of Integrated Verification Approach to FPGA-based Safety-Critical I and C System of Nuclear Power Plant

    International Nuclear Information System (INIS)

    Ahmed, Ibrahim; Heo, Gyunyoung; Jung, Jaecheon

    2016-01-01

    Safety-critical instrumentation and control (I and C) system in nuclear power plant (NPP) implemented on programmable logic controllers (PLCs) plays a vital role in safe operation of the plant. The challenges such as fast obsolescence, the vulnerability to cyber-attack, and other related issues of software systems have currently led to the consideration of field programmable gate arrays (FPGAs) as an alternative to PLCs because of their advantages and hardware related benefits. Generally in FPGA design verification, the designers make use of verification techniques by writing the test benches which involved various stages of verification activities of register-transfer level (RTL), gate-level, and place and route. Writing the test benches is considerably time consuming and requires a lot of effort to achieve the desired results. Furthermore, performing the verification at each stage is a major bottleneck and demands much activity and time. In addition, verification is conceivably the most difficult and complicated aspect of any design. Therefore, in view of these, this work applied an integrated verification approach to the verification of FPGA-based I and C system in NPP that simultaneously verified the whole design modules using MATLAB/Simulink HDL Co-simulation models. Verification is conceivably the most difficult and complicated aspect of any design, and an FPGA design is not an exception. Therefore, in this work, we introduced and discussed how an application of integrated verification technique to the verification and testing of FPGA-based I and C system design in NPP can facilitate the verification processes, and verify the entire design modules of the system simultaneously using MATLAB/Simulink HDL co-simulation models. In conclusion, the results showed that the integrated verification approach through MATLAB/Simulink models, if applied to any design to be verified, could speed up the design verification and reduce the V and V tasks

  16. Application of Integrated Verification Approach to FPGA-based Safety-Critical I and C System of Nuclear Power Plant

    Energy Technology Data Exchange (ETDEWEB)

    Ahmed, Ibrahim; Heo, Gyunyoung [Kyunghee Univ., Yongin (Korea, Republic of)]; Jung, Jaecheon [KEPCO, Ulsan (Korea, Republic of)]

    2016-10-15

    Safety-critical instrumentation and control (I and C) system in nuclear power plant (NPP) implemented on programmable logic controllers (PLCs) plays a vital role in safe operation of the plant. The challenges such as fast obsolescence, the vulnerability to cyber-attack, and other related issues of software systems have currently led to the consideration of field programmable gate arrays (FPGAs) as an alternative to PLCs because of their advantages and hardware related benefits. Generally in FPGA design verification, the designers make use of verification techniques by writing the test benches which involved various stages of verification activities of register-transfer level (RTL), gate-level, and place and route. Writing the test benches is considerably time consuming and requires a lot of effort to achieve the desired results. Furthermore, performing the verification at each stage is a major bottleneck and demands much activity and time. In addition, verification is conceivably the most difficult and complicated aspect of any design. Therefore, in view of these, this work applied an integrated verification approach to the verification of FPGA-based I and C system in NPP that simultaneously verified the whole design modules using MATLAB/Simulink HDL Co-simulation models. Verification is conceivably the most difficult and complicated aspect of any design, and an FPGA design is not an exception. Therefore, in this work, we introduced and discussed how an application of integrated verification technique to the verification and testing of FPGA-based I and C system design in NPP can facilitate the verification processes, and verify the entire design modules of the system simultaneously using MATLAB/Simulink HDL co-simulation models. In conclusion, the results showed that the integrated verification approach through MATLAB/Simulink models, if applied to any design to be verified, could speed up the design verification and reduce the V and V tasks.

  17. New developments enhancing MCNP for criticality safety

    International Nuclear Information System (INIS)

    Hendricks, J.S.; McKinney, G.W.; Forster, R.A.

    1993-01-01

    Since the early 80's MCNP has had three estimates of k_eff: collision, absorption, and track length. MCNP has also had collision and absorption estimators of removal lifetime. These are calculated for every cycle and are averaged over the cycles as simple averages and covariance weighted averages. Correlation coefficients between estimators are also calculated. These criticality estimators are all in addition to the extensive summary information and tally edits used in shielding and other problems. A number of significant new developments have been made to enhance the MCNP Monte Carlo radiation transport code for criticality safety applications. These are available in the newly released MCNP4A version of the code

  18. Criticality safety evaluation in Tokai Reprocessing Plant

    International Nuclear Information System (INIS)

    Shirai, Nobutoshi; Nakajima, Masayoshi; Takaya, Akikazu; Ohnuma, Hideyuki; Shirouzu, Hidetomo; Hayashi, Shinichiro; Yoshikawa, Koji; Suto, Toshiyuki

    2000-04-01

    Criticality limits for equipments in Tokai Reprocessing Plant which handle fissile material solution and are under shape and dimension control were reevaluated based on the guideline No.10 'Criticality safety of single unit' in the regulatory guide for reprocessing plant safety. This report presents criticality safety evaluation of each equipment as single unit. Criticality safety of multiple units in a cell or a room was also evaluated. The evaluated equipments were ones in dissolution, separation, purification, denitration, Pu product storage, and Pu conversion processes. As a result, it was reconfirmed that the equipments were safe enough from a view point of criticality safety of single unit and multiple units. (author)

  19. Status of criticality safety research at NUCEF

    Energy Technology Data Exchange (ETDEWEB)

    Nakajima, Ken [Japan Atomic Energy Research Inst., Tokai, Ibaraki (Japan). Tokai Research Establishment]

    1998-03-01

    Two critical facilities, named STACY (Static Experiment Critical Facility) and TRACY (Transient Experiment Critical Facility), at the Nuclear Fuel Cycle Safety Engineering Research Facility (NUCEF) started their hot operations in 1995. Since then, basic experimental data for criticality safety research have been accumulated using STACY, and supercritical experiments for the study of criticality accident in a reprocessing plant have been performed using TRACY. In this paper, the outline of those critical facilities and the main results of TRACY experiments are presented. (author)

  20. Architecture Level Safety Analyses for Safety-Critical Systems

    Directory of Open Access Journals (Sweden)

    K. S. Kushal

    2017-01-01

    The dependency of complex embedded Safety-Critical Systems across Avionics and Aerospace domains on their underlying software and hardware components has gradually increased with progression in time. Such application domain systems are developed based on a complex integrated architecture, which is modular in nature. Engineering practices assured with system safety standards to manage the failure, faulty, and unsafe operational conditions are very much necessary. System safety analyses involve the analysis of complex software architecture of the system, a major aspect in leading to fatal consequences in the behaviour of Safety-Critical Systems, and provide high reliability and dependability factors during their development. In this paper, we propose an architecture fault modeling and the safety analyses approach that will aid in identifying and eliminating the design flaws. The formal foundations of SAE Architecture Analysis & Design Language (AADL) augmented with the Error Model Annex (EMV) are discussed. The fault propagation, failure behaviour, and the composite behaviour of the design flaws/failures are considered for architecture safety analysis. The illustration of the proposed approach is validated by implementing the Speed Control Unit of Power-Boat Autopilot (PBA) system. The Error Model Annex (EMV) is guided with the pattern of consideration and inclusion of probable failure scenarios and propagation of fault conditions in the Speed Control Unit of Power-Boat Autopilot (PBA). This helps in validating the system architecture with the detection of the error event in the model and its impact in the operational environment. This also provides an insight of the certification impact that these exceptional conditions pose at various criticality levels and design assurance levels and its implications in verifying and validating the designs.

  1. Nuclear Criticality Safety Assessment Using the SCALE Computer Code Package. A demonstration based on an independent review of a real application

    International Nuclear Information System (INIS)

    Mennerdahl, Dennis

    1998-06-01

    The purpose of this project was to instruct a young scientist from the Lithuanian Energy Institute (LEI) on how to carry out an independent review of a safety report. In particular, emphasis was to be put on how to use the personal computer version of the calculation system SCALE 4.3 in this process. Nuclear criticality safety together with radiation shielding from gamma and neutron sources were areas of interest. This report concentrates on nuclear criticality safety aspects while a separate report covers radiation shielding. The application was a proposed storage cask for irradiated fuel assemblies from the Ignalina RBMK reactors in Lithuania. The safety report contained various documents involving many design and safety considerations. A few other documents describing the Ignalina reactors and their operation were available. The time for the project was limited to approximately one month, starting 'clean' with a SCALE 4.3 CD-ROM, a thick safety report and a fast personal computer. The results should be of general interest to Swedish authorities, in particular related to shielding where experience in using advanced computer codes like those available in SCALE is limited. It has been known for many years that criticality safety is very complicated, and that independent reviews are absolutely necessary to reduce the risk from quite common errors in the safety assessments. Several important results were obtained during the project. Concerning use of SCALE 4.3, it was confirmed that a young scientist, without extensive previous experience in the code system, can learn to use essentially all options. During the project, it was obvious that familiarity with personal computers, operating systems (including network system) and office software (word processing, spreadsheet and Internet browser software) saved a lot of time. Some of the Monte Carlo calculations took several hours. Experience is valuable in quickly picking out input or source document errors.
Understanding

  2. Proceedings of the Nuclear Criticality Technology Safety

    International Nuclear Information System (INIS)

    Sanchez, Renee G.

    1998-01-01

    This document contains summaries of most of the papers presented at the 1995 Nuclear Criticality Technology Safety Project (NCTSP) meeting, which was held May 16 and 17 at San Diego, Ca. The meeting was broken up into seven sessions, which covered the following topics: (1) Criticality Safety of Project Sapphire; (2) Relevant Experiments For Criticality Safety; (3) Interactions with the Former Soviet Union; (4) Misapplications and Limitations of Monte Carlo Methods Directed Toward Criticality Safety Analyses; (5) Monte Carlo Vulnerabilities of Execution and Interpretation; (6) Monte Carlo Vulnerabilities of Representation; and (7) Benchmark Comparisons

  3. Verification of safety critical software

    International Nuclear Information System (INIS)

    Son, Ki Chang; Chun, Chong Son; Lee, Byeong Joo; Lee, Soon Sung; Lee, Byung Chai

    1996-01-01

    To assure quality of safety critical software, software should be developed in accordance with software development procedures and rigorous software verification and validation should be performed. Software verification is the formal act of reviewing, testing or checking, and documenting whether software components comply with the specified requirements for a particular stage of the development phase [1]. New software verification methodology was developed and was applied to the Shutdown System No. 1 and 2 (SDS1,2) for Wolsung 2,3 and 4 nuclear power plants by Korea Atomic Energy Research Institute (KAERI) and Atomic Energy of Canada Limited (AECL) in order to satisfy new regulation requirements of Atomic Energy Control Board (AECB). Software verification methodology applied to SDS1 for Wolsung 2,3 and 4 project will be described in this paper. Some errors were found by this methodology during the software development for SDS1 and were corrected by software designer. Outputs from Wolsung 2,3 and 4 project have demonstrated that the use of this methodology results in a high quality, cost-effective product. 15 refs., 6 figs. (author)

  4. Connected vehicle applications : safety.

    Science.gov (United States)

    2016-01-01

    Connected vehicle safety applications are designed to increase situational awareness and reduce or eliminate crashes through vehicle-to-infrastructure, vehicle-to-vehicle, and vehicle-to-pedestrian data transmissions. Applications support advisor...

  5. 2011 Annual Criticality Safety Program Performance Summary

    Energy Technology Data Exchange (ETDEWEB)

    Andrea Hoffman

    2011-12-01

    The 2011 review of the INL Criticality Safety Program has determined that the program is robust and effective. The review was prepared for, and fulfills Contract Data Requirements List (CDRL) item H.20, 'Annual Criticality Safety Program performance summary that includes the status of assessments, issues, corrective actions, infractions, requirements management, training, and programmatic support.' This performance summary addresses the status of these important elements of the INL Criticality Safety Program. Assessments - Assessments in 2011 were planned and scheduled. The scheduled assessments included a Criticality Safety Program Effectiveness Review, Criticality Control Area Inspections, a Protection of Controlled Unclassified Information Inspection, an Assessment of Criticality Safety SQA, and this management assessment of the Criticality Safety Program. All of the assessments were completed with the exception of the 'Effectiveness Review' for SSPSF, which was delayed due to emerging work. Although minor issues were identified in the assessments, no issues or combination of issues indicated that the INL Criticality Safety Program was ineffective. The identification of issues demonstrates the importance of an assessment program to the overall health and effectiveness of the INL Criticality Safety Program. Issues and Corrective Actions - There are relatively few criticality safety related issues in the Laboratory ICAMS system. Most were identified by Criticality Safety Program assessments. No issues indicate ineffectiveness in the INL Criticality Safety Program. All of the issues are being worked and there are no imminent criticality concerns. Infractions - There was one criticality safety related violation in 2011. On January 18, 2011, it was discovered that a fuel plate bundle in the Nuclear Materials Inspection and Storage (NMIS) facility exceeded the fissionable mass limit, resulting in a technical safety requirement (TSR) violation. The

  6. CANISTER HANDLING FACILITY CRITICALITY SAFETY CALCULATIONS

    International Nuclear Information System (INIS)

    C.E. Sanders

    2005-01-01

    This design calculation revises and updates the previous criticality evaluation for the canister handling, transfer and staging operations to be performed in the Canister Handling Facility (CHF) documented in BSC [Bechtel SAIC Company] 2004 [DIRS 167614]. The purpose of the calculation is to demonstrate that the handling operations of canisters performed in the CHF meet the nuclear criticality safety design criteria specified in the "Project Design Criteria (PDC) Document" (BSC 2004 [DIRS 171599], Section 4.9.2.2), the nuclear facility safety requirement in "Project Requirements Document" (Canori and Leitner 2003 [DIRS 166275], p. 4-206), the functional/operational nuclear safety requirement in the "Project Functional and Operational Requirements" document (Curry 2004 [DIRS 170557], p. 75), and the functional nuclear criticality safety requirements described in the "Canister Handling Facility Description Document" (BSC 2004 [DIRS 168992], Sections 3.1.1.3.4.13 and 3.2.3). Specific scope of work contained in this activity consists of updating the Category 1 and 2 event sequence evaluations as identified in the "Categorization of Event Sequences for License Application" (BSC 2004 [DIRS 167268], Section 7). The CHF is limited in throughput capacity to handling sealed U.S. Department of Energy (DOE) spent nuclear fuel (SNF) and high-level radioactive waste (HLW) canisters, defense high-level radioactive waste (DHLW), naval canisters, multicanister overpacks (MCOs), vertical dual-purpose canisters (DPCs), and multipurpose canisters (MPCs) (if and when they become available) (BSC 2004 [DIRS 168992], p. 1-1). It should be noted that the design and safety analyses of the naval canisters are the responsibility of the U.S. Department of the Navy (Naval Nuclear Propulsion Program) and will not be included in this document. In addition, this calculation is valid for the current design of the CHF and may not reflect the ongoing design evolution of the facility

  7. Application of hazard analysis and critical control point methodology and risk-based grading to consumer food safety surveys.

    Science.gov (United States)

    Røssvoll, Elin Halbach; Ueland, Øydis; Hagtvedt, Therese; Jacobsen, Eivind; Lavik, Randi; Langsrud, Solveig

    2012-09-01

    Traditionally, consumer food safety survey responses have been classified as either "right" or "wrong" and food handling practices that are associated with high risk of infection have been treated in the same way as practices with lower risks. In this study, a risk-based method for consumer food safety surveys has been developed, and HACCP (hazard analysis and critical control point) methodology was used for selecting relevant questions. We conducted a nationally representative Web-based survey (n = 2,008), and to fit the self-reported answers we adjusted a risk-based grading system originally developed for observational studies. The results of the survey were analyzed both with the traditional "right" and "wrong" classification and with the risk-based grading system. The results using the two methods were very different. Only 5 of the 10 most frequent food handling violations were among the 10 practices associated with the highest risk. These 10 practices dealt with different aspects of heat treatment (lacking or insufficient), whereas the majority of the most frequent violations involved storing food at room temperature for too long. Use of the risk-based grading system for survey responses gave a more realistic picture of risks associated with domestic food handling practices. The method highlighted important violations and minor errors, which are performed by most people and are not associated with significant risk. Surveys built on a HACCP-based approach with risk-based grading will contribute to a better understanding of domestic food handling practices and will be of great value for targeted information and educational activities.

  8. ALARP considerations in criticality safety assessments

    International Nuclear Information System (INIS)

    Bowden, Russell L.; Barnes, Andrew; Thorne, Peter R.; Venner, Jack

    2003-01-01

    Demonstrating that the risk to the public and workers is As Low As Reasonably Practicable (ALARP) is a fundamental requirement of safety cases for nuclear facilities in the United Kingdom. This is embodied in the Safety Assessment Principles (SAPs) published by the Regulator, the essence of which is incorporated within the safety assessment processes of the various nuclear site licensees. The concept of ALARP within criticality safety assessments has taken some time to establish in the United Kingdom. In principle, the licensee is obliged to search for a deterministic criticality safety solution, such as safe geometry vessels and passive control features, rather than placing reliance on active measurement devices and plant administrative controls. This paper presents a consideration of some ALARP issues in relation to the development of criticality safety cases. The paper utilises some idealised examples covering a range of issues facing the criticality safety assessor, including new plant design, operational plant and decommissioning activities. These examples are used to outline the elements of the criticality safety cases and present a discussion of ALARP in the context of criticality safety assessments. (author)

  9. Outline of criticality safety research project

    International Nuclear Information System (INIS)

    Kobayashi, Iwao; Tachimori, Shoichi; Suzaki, Takenori; Takeshita, Isao; Miyoshi, Yoshinori; Nakajima, Ken; Sakurai, Satoshi; Yanagisawa, Hiroshi

    1987-01-01

    As the power generation capacity of LWRs in Japan increased, the establishment and development of nuclear fuel cycle have become the important subject. Conforming to the safety research project of the nation, the Japan Atomic Energy Research Institute has advanced the project of constructing a new research facility, that is, Nuclear Fuel Cycle Engineering Research Facility (NUCEF). In this facility, it is planned to carry out the research on criticality safety, upgraded reprocessing techniques, and the treatment and disposal of transuranium element wastes. In this paper, the subjects of criticality safety research and the research carried out with a criticality safety experiment facility which is expected to be installed in the NUCEF are briefly reported. The experimental data obtained from the criticality safety handbooks and published literatures in foreign countries are short of the data on the mixture of low enriched uranium and plutonium which is treated in the reprocessing of spent fuel from LWRs. The acquisition of the criticality data for various forms of fuel, the elucidation of the scenario of criticality accidents, and the soundness of the confinement system for gaseous fission products and plutonium are the main subjects. The Static Criticality Safety Facility, Transient Criticality Safety Facility and pulse column system are the main facilities. (Kako, I.)

  10. Safety Justification and Safety Case for Safety-critical Software in Digital Reactor Protection System

    International Nuclear Information System (INIS)

    Kwon, Kee-Choon; Lee, Jang-Soo; Jee, Eunkyoung

    2016-01-01

    Nuclear safety-critical software is under strict regulatory requirements and these regulatory requirements are essential for ensuring the safety of nuclear power plants. The verification & validation (V and V) and hazard analysis of the safety-critical software are required to follow regulatory requirements through the entire software life cycle. In order to obtain a license from the regulatory body through the development and validation of safety-critical software, it is essential to meet the standards which are required by the regulatory body throughout the software development process. Generally, large amounts of documents, which demonstrate safety justification including standard compliance, V and V, hazard analysis, and vulnerability assessment activities, are submitted to the regulatory body during the licensing process. It is not easy to accurately read and evaluate the whole documentation for the development activities, implementation technology, and validation activities. The safety case methodology has been known as a promising approach to evaluate the level and depth of the development and validation results. A safety case is a structured argument, supported by a body of evidence that provides a compelling, comprehensible, and valid case that a system is safe for a given application in a given operating environment. It is suggested to evaluate the level and depth of the results of development and validation by applying safety case methodology to achieve software safety demonstration. A lot of documents provided as evidence are connected to claim that corresponds to the topic for safety demonstration. We demonstrated a case study in which more systematic safety demonstration for the target system software is performed via safety case construction than simply listing the documents

  11. USNRC licensing process as related to nuclear criticality safety

    International Nuclear Information System (INIS)

    Ketzlach, N.

    1987-01-01

    The U.S. Code of Federal Regulations establishes procedures and criteria for the issuance of licenses to receive title to, own, acquire, deliver, receive, possess, use, and initially transfer special nuclear material; and establishes and provides for the terms and conditions upon which the Nuclear Regulatory Commission (NRC) will issue such licenses. Section 70.22 of the regulations, "Contents of Applications", requires that applications for licenses contain proposed procedures to avoid accidental conditions of criticality. These procedures are elements of a nuclear criticality safety program for operations with fissionable materials at fuels and materials facilities (i.e., fuel cycle facilities other than nuclear reactors) in which there exists a potential for criticality accidents. To assist the applicant in providing specific information needed for a nuclear criticality safety program in a license application, the NRC has issued regulatory guides. The NRC requirements for nuclear criticality safety include organizational, administrative, and technical requirements. For purely technical matters on nuclear criticality safety these guides endorse national standards. Others provide guidance on the standard format and content of license applications, guidance on evaluating radiological consequences of criticality accidents, or guidance for dealing with other radiation safety issues. (author)

  12. Software Safety Risk in Legacy Safety-Critical Computer Systems

    Science.gov (United States)

    Hill, Janice L.; Baggs, Rhoda

    2007-01-01

    Safety Standards contain technical and process-oriented safety requirements. Technical requirements are those such as "must work" and "must not work" functions in the system. Process-Oriented requirements are software engineering and safety management process requirements. Address the system perspective and some cover just software in the system > NASA-STD-8719.13B Software Safety Standard is the current standard of interest. NASA programs/projects will have their own set of safety requirements derived from the standard. Safety Cases: a) Documented demonstration that a system complies with the specified safety requirements. b) Evidence is gathered on the integrity of the system and put forward as an argued case. [Gardener (ed.)] c) Problems occur when trying to meet safety standards, and thus make retrospective safety cases, in legacy safety-critical computer systems.

  13. Nuclear criticality safety handbook. Version 2

    International Nuclear Information System (INIS)

    1999-03-01

    The Nuclear Criticality Safety Handbook, Version 2 essentially includes the description of the Supplement Report to the Nuclear Criticality Safety Handbook, released in 1995, into the first version of Nuclear Criticality Safety Handbook, published in 1988. The following two points are new: (1) exemplifying safety margins related to modelled dissolution and extraction processes, (2) describing evaluation methods and alarm system for criticality accidents. Revision is made based on previous studies for the chapter that treats modelling the fuel system: e.g., the fuel grain size that the system can be regarded as homogeneous, non-uniformity effect of fuel solution, and burnup credit. This revision solves the inconsistencies found in the first version between the evaluation of errors found in JACS code system and criticality condition data that were calculated based on the evaluation. (author)

  14. SCALE Graphical Developments for Improved Criticality Safety Analyses

    International Nuclear Information System (INIS)

    Barnett, D.L.; Bowman, S.M.; Horwedel, J.E.; Petrie, L.M.

    1999-01-01

    New computer graphic developments at Oak Ridge National Laboratory (ORNL) are being used to provide visualization of criticality safety models and calculational results as well as tools for criticality safety analysis input preparation. The purpose of this paper is to present the status of current development efforts to continue to enhance the SCALE (Standardized Computer Analyses for Licensing Evaluations) computer software system. Applications for criticality safety analysis in the areas of 3-D model visualization, input preparation and execution via a graphical user interface (GUI), and two-dimensional (2-D) plotting of results are discussed

  15. Reusable libraries for safety-critical Java

    DEFF Research Database (Denmark)

    Rios Rivas, Juan Ricardo; Schoeberl, Martin

    2014-01-01

    The large collection of Java class libraries is a main factor of the success of Java. However, these libraries assume that a garbage-collected heap is used. Safety-critical Java uses scope-based memory areas instead of a garbage-collected heap. Therefore, the Java class libraries are problematic...... to use in safety-critical Java. We have identified common programming patterns in the Java class libraries that make them unsuitable for safety-critical Java. We propose ways to improve the libraries to avoid the impact of the identified problematic patterns. We illustrate these changes by implementing...

  16. Criticality safety in the Federal Republic of Germany

    International Nuclear Information System (INIS)

    Krug, H.; Thomas, W.

    1980-01-01

    Criticality safety is of concern in processing, handling and storage of nuclear fuel outside reactors. Considerable experience has been gained in this area in the last twenty years. No criticality safety problems can be performed by applying a great variety of simple or sophisticated computation techniques. Calculated criticality data have been collected and issued in a handbook. A review is given of criticality safety philosophy, common practice in safety design, application of limitations and standards and accident analysis. As recent developments efforts have been made to investigate concrete reflection, the possible use of gadolinium as homogeneous poison, the suitability of hafnium as neutron absorber and nondestructive in-line measurement of fissile content concentrations. Recently a critical safe design has been established for a cast-iron cask for dry storage of spent fuel elements taking account of accidental moderation of the fuel. 8 figures

  17. Proceedings of the nuclear criticality technology safety project

    International Nuclear Information System (INIS)

    Sanchez, R.G.

    1997-06-01

    This document contains summaries of most of the papers presented at the 1994 Nuclear Criticality Technology Safety Project (NCTSP) meeting, which was held May 10 and 11 at Williamsburg, Va. The meeting was broken up into seven sessions, which covered the following topics: (1) Validation and Application of Calculations; (2) Relevant Experiments for Criticality Safety; (3) Experimental Facilities and Capabilities; (4) Rad-Waste and Weapons Disassembly; (5) Criticality Safety Software and Development; (6) Criticality Safety Studies at Universities; and (7) Training. The minutes and list of participants of the Critical Experiment Needs Identification Workgroup meeting, which was held on May 9 at the same venue, have been included as an appendix. A second appendix contains the names and addresses of all NCTSP meeting participants. Separate abstracts have been indexed to the database for contributions to this proceedings

  18. Proceedings of the nuclear criticality technology safety project

    Energy Technology Data Exchange (ETDEWEB)

    Sanchez, R.G. [comp.]

    1997-06-01

    This document contains summaries of most of the papers presented at the 1994 Nuclear Criticality Technology Safety Project (NCTSP) meeting, which was held May 10 and 11 at Williamsburg, Va. The meeting was broken up into seven sessions, which covered the following topics: (1) Validation and Application of Calculations; (2) Relevant Experiments for Criticality Safety; (3) Experimental Facilities and Capabilities; (4) Rad-Waste and Weapons Disassembly; (5) Criticality Safety Software and Development; (6) Criticality Safety Studies at Universities; and (7) Training. The minutes and list of participants of the Critical Experiment Needs Identification Workgroup meeting, which was held on May 9 at the same venue, have been included as an appendix. A second appendix contains the names and addresses of all NCTSP meeting participants. Separate abstracts have been indexed to the database for contributions to this proceedings.

  19. Explicit Precedence Constraints in Safety-Critical Java

    DEFF Research Database (Denmark)

    Puffitsch, Wolfgang; Noulard, Eric; Pagetti, Claire

    2013-01-01

    Safety-critical Java (SCJ) aims at making the amenities of Java available for the development of safety-critical applications. The multi-rate synchronous language Prelude facilitates the specification of the communication and timing requirements of complex real-time systems. This paper combines...... to provide explicit support for precedence constraints. We present the considerations behind the design of this extension and discuss our experiences with a first prototype implementation based on the SCJ implementation of the Java Optimized Processor....

  20. Nuclear criticality safety: 3-day training course

    International Nuclear Information System (INIS)

    Schlesser, J.A.

    1993-06-01

    The "3-Day Training Course" is an intensive course in criticality safety consisting of lectures and laboratory sessions, including active student participation in actual critical experiments, a visit to a plutonium processing facility, and in-depth discussions on safety philosophy. The program is directed toward personnel who currently have criticality safety responsibilities in the capacity of supervisory staff and/or line management. This compilation of notes is presented as a source reference for the criticality safety course. It represents the contributions of many people, particularly Tom McLaughlin, the course's primary instructor. It should be noted that when chapters were extracted, an attempt was made to maintain footnotes and references as originally written. Photographs and illustrations are numbered sequentially

  1. Nuclear criticality safety department training implementation

    International Nuclear Information System (INIS)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1996-01-01

    The Nuclear Criticality Safety Department (NCSD) is committed to developing and maintaining a staff of qualified personnel to meet the current and anticipated needs in Nuclear Criticality Safety (NCS) at the Oak Ridge Y-12 Plant. The NCSD Qualification Program is described in Y/DD-694, Qualification Program, Nuclear Criticality Safety Department. This document provides a listing of the roles and responsibilities of NCSD personnel with respect to training and details of the Training Management System (TMS) programs, Mentoring Checklists and Checksheets, as well as other documentation utilized to implement the program. This document supersedes Y/DD-696, Revision 2, dated 3/27/96, Training Implementation, Nuclear Criticality Safety Department. There are no backfit requirements associated with revisions to this document

  2. Safety study application guide

    International Nuclear Information System (INIS)

    1993-07-01

    Martin Marietta Energy Systems, Inc., (Energy Systems) is committed to performing and documenting safety analyses for facilities it manages for the Department of Energy (DOE). Included are analyses of existing facilities done under the aegis of the Safety Analysis Report Upgrade Program, and analyses of new and modified facilities. A graded approach is used wherein the level of analysis and documentation for each facility is commensurate with the magnitude of the hazard(s), the complexity of the facility and the stage of the facility life cycle. Safety analysis reports (SARs) for hazard Category 1 and 2 facilities are usually detailed and extensive because these categories are associated with public health and safety risk. SARs for Category 3 are normally much less extensive because the risk to public health and safety is slight. At Energy Systems, safety studies are the name given to SARs for Category 3 (formerly "low") facilities. Safety studies are the appropriate instrument when on-site risks are limited to irreversible consequences to a few people, and off-site consequences are limited to reversible consequences to a few people. This application guide provides detailed instructions for performing safety studies that meet the requirements of DOE Orders 5480.22, "Technical Safety Requirements," and 5480.23, "Nuclear Safety Analysis Reports." A seven-chapter format has been adopted for safety studies. This format allows for discussion of all the items required by DOE Order 5480.23 and for the discussions to be readily traceable to the listing in the order. The chapter titles are: (1) Introduction and Summary, (2) Site, (3) Facility Description, (4) Safety Basis, (5) Hazardous Material Management, (6) Management, Organization, and Institutional Safety Provisions, and (7) Accident Analysis

  3. Present status of Japanese Criticality Safety Handbook

    International Nuclear Information System (INIS)

    Okuno, Hiroshi

    1999-01-01

    A draft of the second edition of Nuclear Criticality Safety Handbook has been finalized, and it is under examination by reviewing committee for JAERI Report. Working Group designated for revising the Japanese Criticality Safety Handbook, which is chaired by Prof. Yamane, is now preparing for 'Guide on Burnup Credit for Storage and Transport of Spent Nuclear Fuel' and second edition of 'Data Collection' part of Handbook. Activities related to revising the Handbook might give a hint for a future experiment at STACY. (author)

  4. Criticality safety studies at VTT Energy

    International Nuclear Information System (INIS)

    Roine, T.; Anttila, M.

    1995-01-01

    At VTT Energy a compact reactor physics calculation system is applied in many kinds of problems. Generation of group constants for static and dynamic core calculations, flux and dose rate calculations as well as criticality safety studies are performed basically with the same codes. In the presentation a short overview of the wide variety of criticality safety problems analyzed at VTT Energy is given. The calculation system with some illustrative examples is also described. (12 refs., 1 tab.)

  5. Connected vehicle application : safety.

    Science.gov (United States)

    2015-01-01

    Connected vehicle safety applications are designed to increase situational awareness : and reduce or eliminate crashes through vehicle-to-infrastructure (V2I), vehicle-to-vehicle (V2V), and vehicle-to-pedestrian (V2P) data transmissions. Applications...

  6. Overview of DOE/ONS criticality safety projects

    International Nuclear Information System (INIS)

    Barber, R.W.; Brown, B.P.; Hopper, C.M.

    1985-01-01

    The evolution of Federal involvement with nuclear criticality safety has traversed through the 1940's and early 1950's with the Manhattan Engineering District, the 1950's and 1960's with the Atomic Energy Commission, the early 1970's with the Energy Research and Development Administration, and the late 1970's to date with the US Department of Energy. The importance of nuclear criticality safety has been maintained throughout these periods; however, criticality safety has received shifting emphases in research/applications, promulgations of regulations/standards, origins of fiscal support and organization. In June 1981 the Office of Nuclear Safety was established in response to a Department of Energy study of the impact of the March 1979 Three Mile Island accident. The organizational structure of the ONS, its program for establishing and maintaining a progressive nuclear criticality safety program, and associated projects, and current history of ONS's fiscal support of program projects is presented. With the establishment of the ONS came concomitant missions to develop and maintain nuclear safety policy and requirements, to provide independent assurance that nuclear operations are performed safely, to provide resources and management for DOE responses to nuclear accidents, and to provide technical support. In the past four years, ONS has developed and initiated a continuing Department Nuclear Criticality Safety Program in such areas as communications and information, physics of criticality, knowledge of factors affecting criticality, and computational capability

  7. Nuclear Criticality Safety Handbook (English translation)

    International Nuclear Information System (INIS)

    1995-09-01

    This is an English translation of 'Nuclear Criticality Safety Handbook' compiled by Nuclear Materials Regulation Division in Nuclear Safety Bureau of Science and Technology Agency of Japan and published by Nikkan Shobo in 1988, which was originally written in Japanese. (author)

  8. Criticality safety and facility design considerations

    International Nuclear Information System (INIS)

    Waltz, W.R.

    1991-06-01

    Operations with fissile material introduce the risk of a criticality accident that may be lethal to nearby personnel. In addition, concerns over criticality safety can result in substantial delays and shutdown of facility operations. For these reasons, it is clear that the prevention of a nuclear criticality accident should play a major role in the design of a nuclear facility. The emphasis of this report will be placed on engineering design considerations in the prevention of criticality. The discussion will not include other important aspects, such as the physics of calculating limits nor criticality alarm systems

  9. Design aspects of safety critical instrumentation of nuclear installations

    International Nuclear Information System (INIS)

    Swaminathan, P.

    2005-01-01

    Safety critical instrumentation systems ensure safe shutdown/configuration of the nuclear installation when process status exceeds the safety threshold limits. Design requirements for safety critical instrumentation such as functional and electrical independence, fail-safe design, and architecture to ensure the specified unsafe failure rate and safe failure rate, human machine interface (HMI), etc., are explained with examples. Different fault tolerant architectures like 1/2, 2/2, 2/3 hot stand-by are compared for safety critical instrumentation. For embedded systems, software quality assurance is detailed both during design phase and O&M phase. Different software development models such as waterfall model and spiral model are explained with examples. The error distribution in embedded system is detailed. The usage of formal method is outlined to reduce the specification error. The guidelines for coding of application software are outlined. The interface problems of safety critical instrumentation with sensors, actuators, other computer systems, etc., are detailed with examples. Testability and maintainability shall be taken into account during design phase. Online diagnostics for safety critical instrumentation is detailed with examples. Salient details of design guides from Atomic Energy Regulatory Board, International Atomic Energy Agency and standards from IEEE, BIS are given towards the design of safety critical instrumentation systems. (author)

  10. Design aspects of safety critical instrumentation of nuclear installations

    Energy Technology Data Exchange (ETDEWEB)

    Swaminathan, P. [Electronics Group, Indira Gandhi Centre for Atomic Research, Kalpakkam 603 102, Tamil Nadu (India)]. E-mail: swamy@igcar.ernet.in

    2005-07-01

    Safety critical instrumentation systems ensure safe shutdown/configuration of the nuclear installation when process status exceeds the safety threshold limits. Design requirements for safety critical instrumentation such as functional and electrical independence, fail-safe design, and architecture to ensure the specified unsafe failure rate and safe failure rate, human machine interface (HMI), etc., are explained with examples. Different fault tolerant architectures like 1/2, 2/2, 2/3 hot stand-by are compared for safety critical instrumentation. For embedded systems, software quality assurance is detailed both during design phase and O&M phase. Different software development models such as waterfall model and spiral model are explained with examples. The error distribution in embedded system is detailed. The usage of formal method is outlined to reduce the specification error. The guidelines for coding of application software are outlined. The interface problems of safety critical instrumentation with sensors, actuators, other computer systems, etc., are detailed with examples. Testability and maintainability shall be taken into account during design phase. Online diagnostics for safety critical instrumentation is detailed with examples. Salient details of design guides from Atomic Energy Regulatory Board, International Atomic Energy Agency and standards from IEEE, BIS are given towards the design of safety critical instrumentation systems. (author)

  11. SRTC criticality safety technical review: Nuclear Criticality Safety Evaluation 93-04 enriched uranium receipt

    International Nuclear Information System (INIS)

    Rathbun, R.

    1993-01-01

    Review of NMP-NCS-930087, "Nuclear Criticality Safety Evaluation 93-04 Enriched Uranium Receipt (U), July 30, 1993," was requested of SRTC (Savannah River Technology Center) Applied Physics Group. The NCSE is a criticality assessment to determine the mass limit for Engineered Low Level Trench (ELLT) waste uranium burial. The intent is to bury uranium in pits that would be separated by a specified amount of undisturbed soil. The scope of the technical review, documented in this report, consisted of (1) an independent check of the methods and models employed, (2) independent HRXN/KENO-V.a calculations of alternate configurations, (3) application of ANSI/ANS 8.1, and (4) verification of WSRC Nuclear Criticality Safety Manual procedures. The NCSE under review concludes that a 500 gram limit per burial position is acceptable to ensure the burial site remains in a critically safe configuration for all normal and single credible abnormal conditions. This reviewer agrees with that conclusion

  12. Methodology for Determination of the Upper Safety Limit for Criticality Calculations for Criticality Safety Analyses

    Energy Technology Data Exchange (ETDEWEB)

    Smith, R.H.; Keener, H.J.; DeClue, J.F.; Krass, A.W.

    2001-04-01

    This report considers the methods for determination of an upper safety limit, and incorporating uncertainty and margin into the safety limit, provides comparisons, and recommends a preferred method for determining the Upper Safety Limit (USL). A USL is developed for CSAS25 from SCALE4.4a. The USL is applicable for the CSAS25 control module from the SCALE 4.4a computer code system for use in evaluating nuclear criticality safety of enriched uranium systems. The benchmark calculation results used for this report are documented in Y/DD-896. The statistical evaluation is documented in CCG-380. The 27-group ENDF/B-IV, 44-group ENDF/B-V, and 238-group ENDF/B-V cross-section libraries were used. Numerical methods for applying margins are described, but the determination of appropriate correlating parameters and values for additional margin, applicable to a particular analysis, must be determined as part of a process analysis. As such, this document does not specify final upper subcritical limits as has been done in the past. No correlation between calculation results and neutron energy causing fission was found for the critical experiment results. Analysts using these results are responsible for exercising sound engineering judgment using strong technical arguments to develop "a margin in k_eff or other correlating parameter that is sufficiently large to ensure that conditions (calculated by this method to be subcritical by this margin) will actually be subcritical." Documentation of area of applicability and determination and justification of the appropriate margin in the analyst's evaluation, in conjunction with this report, will constitute the complete Validation Report in accordance with ANSI/ANS-8.1-1998, Section 4.3.6(4).

  13. Assistance for design and realization of real-time safety critical applications according to Oasis; Aide a la conception et a la realisation d'applications temps-reel critiques selon OASIS

    Energy Technology Data Exchange (ETDEWEB)

    Aussagues, Ch.; Cordonnier, Ch.; Quetueil, I.; David, V

    1998-07-01

    Assistance for design and realization is all the more essential when safety-critical, real-time and complex applications are considered. When developing such applications, real-time and dependability features should be managed as soon as possible. Then, since the design phase, programmers have to strive even more than with common applications. In the context of the OASIS approach, assistance for design and realization is based on some intrinsic properties of the model, i.e. determinism, behavior independence and timeliness. The assistance, that may be furnished in the OASIS approach, has three complementary components that constitute the focus of this article. (authors)

  14. International Criticality Safety Benchmark Evaluation Project (ICSBEP) - ICSBEP 2015 Handbook

    International Nuclear Information System (INIS)

    Bess, John D.

    2015-01-01

    The Criticality Safety Benchmark Evaluation Project (CSBEP) was initiated in October of 1992 by the United States Department of Energy (DOE). The project quickly became an international effort as scientists from other interested countries became involved. The International Criticality Safety Benchmark Evaluation Project (ICSBEP) became an official activity of the Nuclear Energy Agency (NEA) in 1995. This handbook contains criticality safety benchmark specifications that have been derived from experiments performed at various critical facilities around the world. The benchmark specifications are intended for use by criticality safety engineers to validate calculation techniques used to establish minimum subcritical margins for operations with fissile material and to determine criticality alarm requirements and placement. Many of the specifications are also useful for nuclear data testing. Example calculations are presented; however, these calculations do not constitute a validation of the codes or cross-section data. The evaluated criticality safety benchmark data are given in nine volumes. These volumes span approximately 69000 pages and contain 567 evaluations with benchmark specifications for 4874 critical, near-critical or subcritical configurations, 31 criticality alarm placement/shielding configurations with multiple dose points for each, and 207 configurations that have been categorised as fundamental physics measurements that are relevant to criticality safety applications. New to the handbook are benchmark specifications for neutron activation foil and thermoluminescent dosimeter measurements performed at the SILENE critical assembly in Valduc, France as part of a joint venture in 2010 between the US DOE and the French Alternative Energies and Atomic Energy Commission (CEA). A photograph of this experiment is shown on the front cover. Experiments that are found unacceptable for use as criticality safety benchmark experiments are discussed in these

  15. Criticality safety engineer training at WSRC

    International Nuclear Information System (INIS)

    Williamson, T.G.; Mincey, J.F.

    1993-01-01

    Two programs designed to prepare engineers for certification as criticality safety engineers are offered at Westinghouse Savannah River Company (WSRC). One program, Student On Loan Criticality Engineer Training (SOLCET), is an intensive 2-yr course involving lectures, rigorous problem assignments, and mentoring. The other program, In-Field Criticality Engineer Training (IN-FIELD), is a less intensive series of lectures and problem assignments. Both courses are conducted by members of the Applied Physics Group (APG) of the Savannah River Technical Center, the organization at WSRC responsible for the operation and maintenance of criticality codes and for training of code users

  16. Critical experiments facility and criticality safety programs at JAERI

    International Nuclear Information System (INIS)

    Kobayashi, Iwao; Tachimori, Shoichi; Takeshita, Isao; Suzaki, Takenori; Miyoshi, Yoshinori; Nomura, Yasushi

    1985-10-01

    The nuclear criticality safety is becoming a key point in Japan in the safety considerations for nuclear installations outside reactors such as spent fuel reprocessing facilities, plutonium fuel fabrication facilities, large scale hot laboratories, and so on. Especially a large scale spent fuel reprocessing facility is being designed and would be constructed in near future, therefore extensive experimental studies are needed for compilation of our own technical standards and also for verification of safety in a potential criticality accident to obtain public acceptance. Japan Atomic Energy Research Institute is proceeding a construction program of a new criticality safety experimental facility where criticality data can be obtained for such solution fuels as mainly handled in a reprocessing facility and also chemical process experiments can be performed to investigate abnormal phenomena, e.g. plutonium behavior in solvent extraction process by using pulsed columns. In FY 1985 detail design of the facility will be completed and licensing review by the government would start in FY 1986. Experiments would start in FY 1990. Research subjects and main specifications of the facility are described. (author)

  17. Criticality safety (prospect of study in NUCEF)

    International Nuclear Information System (INIS)

    Itagaki, Masafumi

    1996-01-01

    Experimental studies of criticality safety are under way using STACY and TRACY in NUCEF. Collection of fundamental data on criticality in a solution system is undergoing with STACY to confirm that the likelihood of criticality safety in the system constructed on the assumption of apparatuses in a reprocessing plant is enough large. Whereas some experiments simulating criticality accidents in a reprocessing plant using TRACY were designed to investigate the behaviors of fuel solution and radioactive matters in order to clarify whether it is possible to safely shut them in the facility even if a critical accident occurs. Both STACY and TRACY reached the criticality in 1995. Up to now a series of criticality experiments have been done using STACY with a core tank φ60 cm and the first periodical examination is now under way. On the other hand, we have a plan using TRACY to investigate the behaviors of nuclear heat solution at a criticality accident, and the releasing, transfer and deposition of radioactive materials. After reaching the criticality for the first, the performance verification test has been conducted. The full-scale study using TRACY is planned to begin in the second half of 1996. (M.N.)

  18. Safety critical software development qualification

    International Nuclear Information System (INIS)

    Marron, J. E.

    2006-01-01

    With the increasing use of digital systems in control applications, customers must acquire appropriate expectations for software development and quality assurance procedures. Purchasers and users of digital systems need to understand the benefits to the supplier of effective quality systems. These systems consist not only of procedures but tools that enable automation. Without the use of automation, quality can not be assured. A software and systems quality program starts with the documents you are very familiar with. But these documents must define more than the final system. They must address specific development environment characteristics and testing capabilities. Starting with the RFP, some of the items that should be introduced are Software Configuration Management, regression testing and defect tracking. The digital system customer is in the best position to enforce the use of software and systems quality programs by including them in project requirements as early as the Purchase Order. The customer's understanding of the full scope and implementation of a software quality program is essential to achieving the quality necessary in nuclear projects, and, incidentally, completing those projects on schedule. (authors)

  19. Safety prediction for basic components of safety-critical software based on static testing

    International Nuclear Information System (INIS)

    Son, H.S.; Seong, P.H.

    2000-01-01

    The purpose of this work is to develop a safety prediction method, with which we can predict the risk of software components based on static testing results at the early development stage. The predictive model combines the major factor with the quality factor for the components, which are calculated based on the measures proposed in this work. The application to a safety-critical software system demonstrates the feasibility of the safety prediction method. (authors)

  20. Safety prediction for basic components of safety critical software based on static testing

    International Nuclear Information System (INIS)

    Son, H.S.; Seong, P.H.

    2001-01-01

    The purpose of this work is to develop a safety prediction method, with which we can predict the risk of software components based on static testing results at the early development stage. The predictive model combines the major factor with the quality factor for the components, both of which are calculated based on the measures proposed in this work. The application to a safety-critical software system demonstrates the feasibility of the safety prediction method. (authors)

  1. Prerequisites of ideal safety-critical organizations

    International Nuclear Information System (INIS)

    Takeuchi, Michiru; Hikono, Masaru; Matsui, Yuko; Goto, Manabu; Sakuda, Hiroshi

    2013-01-01

    This study explores the prerequisites of ideal safety-critical organizations, marshalling arguments of 4 areas of organizational research on safety, each of which has overlap: a safety culture, high reliability organizations (HROs), organizational resilience, and leadership especially in safety-critical organizations. The approach taken in this study was to retrieve questionnaire items or items on checklists of the 4 research areas and use them as materials of abduction (as referred to in the KJ method). The results showed that the prerequisites of ideal safety-oriented organizations consist of 9 factors as follows: (1) The organization provides resources and infrastructure to ensure safety. (2) The organization has a sharable vision. (3) Management attaches importance to safety. (4) Employees openly communicate issues and share wide-ranging information with each other. (5) Adjustments and improvements are made as the organization's situation changes. (6) Learning activities from mistakes and failures are performed. (7) Management creates a positive work environment and promotes good relations in the workplace. (8) Workers have good relations in the workplace. (9) Employees have all the necessary requirements to undertake their own functions, and act conservatively. (author)

  2. Safety Critical Java for Robotics Programming

    DEFF Research Database (Denmark)

    Thomsen, Bent; Luckow, Kasper Søe; Bøgholm, Thomas

    2015-01-01

    This paper introduces Safety Critical Java (SCJ) and argues its readiness for robotics programming. We give an overview of the work done at Aalborg University and elsewhere on SCJ, some of its implementations in the form of the JOP, FijiVM and HVM and some of the tools, especially WCA, Teta...

  3. Recommendations for preparing the criticality safety evaluation of transportation packages

    International Nuclear Information System (INIS)

    Dyer, H.R.; Parks, C.V.

    1997-04-01

    This report provides recommendations on preparing the criticality safety section of an application for approval of a transportation package containing fissile material. The analytical approach to the evaluation is emphasized rather than the performance standards that the package must meet. Where performance standards are addressed, this report incorporates the requirements of 10 CFR Part 71. 12 refs., 6 figs., 8 tabs

  4. Computational methods for nuclear criticality safety analysis

    International Nuclear Information System (INIS)

    Maragni, M.G.

    1992-01-01

    Nuclear criticality safety analyses require the utilization of methods which have been tested and verified against benchmarks results. In this work, criticality calculations based on the KENO-IV and MCNP codes are studied aiming the qualification of these methods at the IPEN-CNEN/SP and COPESP. The utilization of variance reduction techniques is important to reduce the computer execution time, and several of them are analysed. As practical example of the above methods, a criticality safety analysis for the storage tubes for irradiated fuel elements from the IEA-R1 research has been carried out. This analysis showed that the MCNP code is more adequate for problems with complex geometries, and the KENO-IV code shows conservative results when it is not used the generalized geometry option. (author)

  5. Nuclear Criticality Safety Organization training implementation. Revision 4

    Energy Technology Data Exchange (ETDEWEB)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1997-05-19

    The Nuclear Criticality Safety Organization (NCSO) is committed to developing and maintaining a staff of qualified personnel to meet the current and anticipated needs in Nuclear Criticality Safety (NCS) at the Oak Ridge Y-12 Plant. This document provides a listing of the roles and responsibilities of NCSO personnel with respect to training and details of the Training Management System (TMS) programs, Mentoring Checklists and Checksheets, as well as other documentation utilized to implement the program. This Training Implementation document is applicable to all technical and managerial NCSO personnel, including temporary personnel, sub-contractors and/or LMES employees on loan to the NCSO, who are in a qualification program.

  6. Nuclear Criticality Safety Organization training implementation. Revision 4

    International Nuclear Information System (INIS)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1997-01-01

    The Nuclear Criticality Safety Organization (NCSO) is committed to developing and maintaining a staff of qualified personnel to meet the current and anticipated needs in Nuclear Criticality Safety (NCS) at the Oak Ridge Y-12 Plant. This document provides a listing of the roles and responsibilities of NCSO personnel with respect to training and details of the Training Management System (TMS) programs, Mentoring Checklists and Checksheets, as well as other documentation utilized to implement the program. This Training Implementation document is applicable to all technical and managerial NCSO personnel, including temporary personnel, sub-contractors and/or LMES employees on loan to the NCSO, who are in a qualification program

  7. ACRR fuel storage racks criticality safety analysis

    International Nuclear Information System (INIS)

    Bodette, D.E.; Naegeli, R.E.

    1997-10-01

    This document presents the criticality safety analysis for a new fuel storage rack to support modification of the Annular Core Research Reactor for production of molybdenum-99 at Sandia National Laboratories, Technical Area V facilities. Criticality calculations with the MCNP code investigated various contingencies for the criticality control parameters. Important contingencies included mix of fuel element types stored, water density due to air bubbles or water level for the over-moderated racks, interaction with existing fuel storage racks and fuel storage holsters in the fuel storage pool, neutron absorption of planned rack design and materials, and criticality changes due to manufacturing tolerances or damage. Some limitations or restrictions on use of the new fuel storage rack for storage operations were developed through the criticality analysis and are required to meet the double contingency requirements of criticality safety. As shown in the analysis, this system will remain subcritical under all credible upset conditions. Administrative controls are necessary for loading, moving, and handling the storage rack as well as for control of operations around it. 21 refs., 16 figs., 4 tabs

  8. Nuclear Criticality Safety Organization qualification program. Revision 4

    International Nuclear Information System (INIS)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1997-01-01

    The Nuclear Criticality Safety Organization (NCSO) is committed to developing and maintaining a staff of highly qualified personnel to meet the current and anticipated needs in Nuclear Criticality Safety (NCS) at the Oak Ridge Y-12 Plant. This document defines the Qualification Program to address the NCSO technical and managerial qualification as required by the Y-12 Training Implementation Matrix (TIM). It is implemented through a combination of LMES plant-wide training courses and professional nuclear criticality safety training provided within the organization. This Qualification Program is applicable to technical and managerial NCSO personnel, including temporary personnel, sub-contractors and/or LMES employees on loan to the NCSO, who perform the NCS tasks or serve NCS-related positions as defined in sections 5 and 6 of this program

  9. Criticality Safety Basics for INL Emergency Responders

    Energy Technology Data Exchange (ETDEWEB)

    Valerie L. Putman

    2012-08-01

    This document is a modular self-study guide about criticality safety principles for Idaho National Laboratory emergency responders. This guide provides basic criticality safety information for people who, in response to an emergency, might enter an area that contains much fissionable (or fissile) material. The information should help responders understand unique factors that might be important in responding to a criticality accident or in preventing a criticality accident while responding to a different emergency.

    This study guide specifically supplements web-based training for firefighters (0INL1226) and includes information for other Idaho National Laboratory first responders. However, the guide audience also includes other first responders such as radiological control personnel.

    For interested readers, this guide includes clearly marked additional information that will not be included on tests. The additional information includes historical examples (Been there. Done that.), as well as facts and more in-depth information (Did you know …).

    INL criticality safety personnel revise this guide as needed to reflect program changes, user requests, and better information. Revision 0, issued May 2007, established the basic text. Revision 1 incorporates operation, program, and training changes implemented since 2007. Revision 1 increases focus on first responders because later responders are more likely to have more assistance and guidance from facility personnel and subject matter experts. Revision 1 also completely reorganized the training to better emphasize physical concepts behind the criticality controls that help keep emergency responders safe. The changes are based on and consistent with changes made to course 0INL1226.

  10. Study of criticality safety of fresh fuel

    International Nuclear Information System (INIS)

    Pesic, M.; Dasic, N.

    1998-01-01

    A study on criticality safety of fresh low and high enriched uranium (LEU and HEU) fuel elements, in the original metal containers (OMC) placed in the special metal protection 'cage' and in a designed wooden storage case (WSC), at the RB research reactor is carried out by using the well-known MCNP™ computer code. It is shown for the first time that these HEU and LEU fresh fuel elements, stored in the WSC or in the OMCs, are far away from criticality, even in a case of unexpected flooding of the storage by light water. (author)

  11. Criticality safety calculations of storage canisters

    International Nuclear Information System (INIS)

    Agrenius, L.

    2002-04-01

    In the planned Swedish repository for deep disposal of spent nuclear fuel the fuel assemblies will be stored in storage canisters made of cast iron and copper. To assure safe storage of the fuel the requirement is that the normal criticality safety criteria have to be met. The effective neutron multiplication factor must not exceed 0.95 in the most reactive conditions including different kinds of uncertainties. In this report it is shown that the criteria could be met if credit for the reactivity decrease due to the burn up of the fuel is taken into account. The criticality safety criteria are based on the US NRC regulatory requirements for transportation and storage of spent fuel

  12. Security for safety critical space borne systems

    Science.gov (United States)

    Legrand, Sue

    1987-01-01

    The Space Station contains safety critical computer software components in systems that can affect life and vital property. These components require a multilevel secure system that provides dynamic access control of the data and processes involved. A study is under way to define requirements for a security model providing access control through level B3 of the Orange Book. The model will be prototyped at NASA-Johnson Space Center.

  13. Neutron nuclear data measurements for criticality safety

    Science.gov (United States)

    Guber, Klaus; Paradela, Carlos; Heyse, Jan; Kopecky, Stefan; Schillebeeckx, Peter; Siegler, Peter

    2017-09-01

    To support the US Department of Energy Nuclear Criticality Safety Program, neutron-induced cross section experiments were performed at the Geel Electron Linear Accelerator of the Joint Research Center Site Geel, European Union. Neutron capture and transmission measurements were carried out using metallic natural cerium and vanadium samples. Together with existing data, the measured data will be used for a new evaluation and will be submitted with covariances to the ENDF/B nuclear data library.

  14. Present status of International Criticality Safety Benchmark Evaluation Project (ICSBEP)

    International Nuclear Information System (INIS)

    Miyoshi, Yoshinori

    2000-01-01

    The International Criticality Safety Evaluation Project, ICSBEP was designed to identify and evaluate a comprehensive set of critical experiment benchmark data. Compilation of the data into a standardized format are made by reviewing original and subsequently revised documentation for calculating each experiment with standard criticality safety codes. Five handbooks of evaluated criticality safety benchmark experiments have been published since 1995. (author)

  15. Software qualification in safety applications

    International Nuclear Information System (INIS)

    Lawrence, J.D.

    2000-01-01

    The developers of safety-critical instrumentation and control systems must qualify the design of the components used, including the software in the embedded computer systems, in order to ensure that the component can be trusted to perform its safety function under the full range of operating conditions. There are well known ways to qualify analog systems using the facts that: (1) they are built from standard modules with known properties; (2) design documents are available and described in a well understood language; (3) the performance of the component is constrained by physics; and (4) physics models exist to predict the performance. These properties are not generally available for qualifying software, and one must fall back on extensive testing and qualification of the design process. Neither of these is completely satisfactory. The research reported here is exploring an alternative approach that is intended to permit qualification for an important subset of instrumentation software. The research goal is to determine if a combination of static analysis and limited testing can be used to qualify a class of simple, but practical, computer-based instrumentation components for safety application. These components are of roughly the complexity of a motion detector alarm controller. This goal is accomplished by identifying design constraints that enable meaningful analysis and testing. Once such design constraints are identified, digital systems can be designed to allow for analysis and testing, or existing systems may be tested for conformance to the design constraints as a first step in a qualification process. This will considerably reduce the cost and monetary risk involved in qualifying commercial components for safety-critical service

  16. Software quality assurance plans for safety-critical software

    International Nuclear Information System (INIS)

    Liddle, P.

    2006-01-01

    Application software is defined as safety-critical if a fault in the software could prevent the system components from performing their nuclear-safety functions. Therefore, for nuclear-safety systems, the AREVA TELEPERM® XS (TXS) system is classified 1E, as defined in the Inst. of Electrical and Electronics Engineers (IEEE) Std 603-1998. The application software is classified as Software Integrity Level (SIL)-4, as defined in IEEE Std 7-4.3.2-2003. The AREVA NP Inc. Software Program Manual (SPM) describes the measures taken to ensure that the TELEPERM XS application software attains a level of quality commensurate with its importance to safety. The manual also describes how TELEPERM XS correctly performs the required safety functions and conforms to established technical and documentation requirements, conventions, rules, and standards. The program manual covers the requirements definition, detailed design, integration, and test phases for the TELEPERM XS application software, and supporting software created by AREVA NP Inc. The SPM is required for all safety-related TELEPERM XS system applications. The program comprises several basic plans and practices: 1. A Software Quality-Assurance Plan (SQAP) that describes the processes necessary to ensure that the software attains a level of quality commensurate with its importance to safety function. 2. A Software Safety Plan (SSP) that identifies the process to reasonably ensure that safety-critical software performs as intended during all abnormal conditions and events, and does not introduce any new hazards that could jeopardize the health and safety of the public. 3. A Software Verification and Validation (V&V) Plan that describes the method of ensuring the software is in accordance with the requirements. 4. A Software Configuration Management Plan (SCMP) that describes the method of maintaining the software in an identifiable state at all times. 5. A Software Operations and Maintenance Plan (SO&MP) that

  17. Validation testing of safety-critical software

    International Nuclear Information System (INIS)

    Kim, Hang Bae; Han, Jae Bok

    1995-01-01

    A software engineering process has been developed for the design of safety critical software for the Wolsung 2/3/4 project to satisfy the requirements of the regulatory body. Within this process, this paper describes the detailed process of validation testing performed to ensure that the software with its hardware, developed by the design group, satisfies the requirements of the functional specification prepared by the independent functional group. To perform the tests, a test facility and test software were developed and the actual safety system computer was connected. Three kinds of test cases, i.e., functional test, performance test and self-check test, were programmed and run to verify each functional specification. Test failures were fed back to the design group to revise the software, and test results were analyzed and documented in the report to be submitted to the regulatory body. The test methodology and procedure were very efficient and satisfactory for performing the systematic and automatic test. The test results were also acceptable and successful in verifying that the software acts as specified in the program functional specification. This methodology can be applied to the validation of other safety-critical software. 2 figs., 2 tabs., 14 refs. (Author)

  18. University education and nuclear criticality safety professionals

    Energy Technology Data Exchange (ETDEWEB)

    Wilson, R.E. [Safe Sites of Colorado, Golden, CO (United States)]; Stachowiak, R.V. [Kaiser-Hill Co., LLC, Golden, CO (United States)]; Knief, R.A. [Ogden Environmental and Energy Services, Albuquerque, NM (United States)]

    1996-12-31

    The problem of developing a productive criticality safety specialist at a nuclear fuel facility has long been with us. The normal practice is to hire a recent undergraduate or graduate degree recipient and invest at least a decade in on-the-job training. In the early 1980s, the U.S. Department of Energy (DOE) developed a model intern program in an attempt to speed up the process. The program involved working at assigned projects for extended periods at a working critical mass laboratory, a methods development group, and a fuel cycle facility. This never gained support as it involved extended time away from the job. At the Rocky Flats Environmental Technology Site, the training method is currently the traditional one involving extensive experience. The flaw is that the criticality safety staff turnover has been such that few individuals continue for the decade some consider necessary for maturity in the discipline. To maintain quality evaluations and controls as well as interpretation decisions, extensive group review is used. This has proved costly to the site and professionally unsatisfying to the current staff. The site contractor has proposed a training program to remedy the basic problem.

  19. The SCALE criticality safety analysis sequences: Status and future directions

    International Nuclear Information System (INIS)

    Parks, C.V.

    1993-01-01

    The Standardized Computer Analyses for Licensing Evaluation (SCALE) code system was originally conceived and developed in the late 1970s for the US Nuclear Regulatory Commission. The goal was to provide easy-to-use, yet accurate, analysis capabilities for use in evaluating the criticality safety, shielding, and heat transfer aspects of transportation packages for radioactive material. The Criticality Safety Analysis Sequences (CSAS) for SCALE were developed to "automate" problem-dependent cross-section and material processing prior to execution of the well-established XSDRNPM or KENO codes for calculation of k_eff. The criticality analysis sequences provided in SCALE-4 are summarized. The SCALE system continues to be maintained and enhanced by staff of the Computing Applications Division at Oak Ridge National Laboratory (ORNL). The purpose of this paper is to discuss recent work to improve system portability and user interfaces and to provide information on ongoing work to enhance the analysis capabilities

  20. Criticality safety training at Westinghouse Hanford Company

    International Nuclear Information System (INIS)

    Rogers, C.A.; Paglieri, J.N.

    1983-01-01

    In 1972 the Westinghouse Hanford Company (WHC) established a comprehensive program to certify personnel who handle fissionable materials. As the quantity of fissionable material handled at WHC has increased, so has the scope of training to assure that all employees perform their work in a safe manner. This paper describes training for personnel engaged in fuel fabrication and handling activities. Most of this training is provided by the Fissionable Material Handlers Certification Program. This program meets or exceeds all DOE requirements for training and has been attended by more than 475 employees. Since the program was instituted, the rate of occurrence of criticality safety limit violations has decreased by 50%

  1. 14 CFR 417.121 - Safety critical preflight operations.

    Science.gov (United States)

    2010-01-01

    ... the launch of an unguided suborbital rocket, in addition to meeting the other requirements of this... ADMINISTRATION, DEPARTMENT OF TRANSPORTATION LICENSING LAUNCH SAFETY Launch Safety Responsibilities § 417.121 Safety critical preflight operations. (a) General. A launch operator must perform safety critical...

  2. Private Memory Allocation Analysis for Safety-Critical Java

    DEFF Research Database (Denmark)

    Dalsgaard, Andreas E.; Hansen, René Rydhof; Schoeberl, Martin

    2012-01-01

    Safety-critical Java (SCJ) avoids garbage collection and uses a scope based memory model. This memory model is based on a restricted version of RTSJ [2] style scopes. The scopes form a clear hierarchy with different lifetimes. Therefore, references between objects in different scopes are only... allowed from objects allocated in scopes with a shorter lifetime to objects allocated in scopes with a longer lifetime. To ensure memory safety, programmers are required to either manually annotate the application with complex annotations, rely on a runtime test of each reference assignment, or statically...

  3. Use of modern software - based instrumentation in safety critical systems

    International Nuclear Information System (INIS)

    Emmett, J.; Smith, B.

    2005-01-01

    Many Nuclear Power Plants are now ageing and in need of various degrees of refurbishment. Installed instrumentation usually uses out of date 'analogue' technology and is often no longer available in the market place. New technology instrumentation is generally un-qualified for nuclear use and specifically the new 'smart' technology contains 'firmware', (effectively 'soup' (Software of Uncertain Pedigree)) which must be assessed in accordance with relevant safety standards before it may be used in a safety application. Particular standards are IEC 61508 [1] and the British Energy (BE) PES (Programmable Electronic Systems) guidelines EPD/GEN/REP/0277/97. [2] This paper outlines a new instrument evaluation system, which has been developed in conjunction with the UK Nuclear Industry. The paper concludes with a discussion about on-line monitoring of Smart instrumentation in safety critical applications. (author)

  4. Hardware Support for Safety-critical Java Scope Checks

    DEFF Research Database (Denmark)

    Rios Rivas, Juan Ricardo; Schoeberl, Martin

    2012-01-01

    Memory management in Safety-Critical Java (SCJ) is based on time bounded, non garbage collected scoped memory regions used to store temporary objects. Scoped memory regions may have different life times during the execution of a program and hence, to avoid leaving dangling pointers, it is necessary...... in terms of execution time for applications where cross-scope references are frequent. Our proposal was implemented and tested on the Java Optimized Processor (JOP)....

  5. Development of the DOE Nuclear Criticality Safety Program Web site for the nuclear criticality safety professional

    International Nuclear Information System (INIS)

    Lee, C.K.; Huang, S.; Morman, J.A.; Garcia, A.S.

    2000-01-01

    Development of the US Department of Energy (DOE) Nuclear Criticality Safety (NCS) Program (NCSP) Web site is the result of the efforts of many members of the NCS community and is maintained by Lawrence Livermore National Laboratory (LLNL) under the direction of the NCSP Management Team. This World-Wide-Web resource was developed as part of the DOE response to Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 97-2, which reflected the need to make criticality safety information available to a wide audience. The NCSP Web site provides information of interest to NCS professionals and includes links to other sites actively involved in the collection and dissemination of criticality safety information. To the extent possible, the hyperlinks on this Web site direct the user to the original source of the referenced material to ensure access to the latest, most accurate version. This site is intended to provide a central location for access to relevant NCS information in a user-friendly environment for the criticality safety community

  6. Fast Reactor Spent Fuel Processing: Experience and Criticality Safety

    International Nuclear Information System (INIS)

    Chad Pope

    2007-01-01

    This paper discusses operational and criticality safety experience associated with the Idaho National Laboratory Fuel Conditioning Facility which uses a pyrometallurgical process to treat spent fast reactor metallic fuel. The process is conducted in an inert atmosphere hot cell. The process starts with chopping metallic fuel elements into a basket. The basket is lowered into molten salt (LiCl-KCl) along with a steel mandrel. Active metal fission products, transuranic metals and sodium metal in the spent fuel undergo chemical oxidation and form chlorides. Voltage is applied between the basket, which serves as an anode, and the mandrel, which serves as a cathode, causing metallic uranium in the spent fuel to undergo electro-chemical oxidation thereby forming uranium chloride. Simultaneously at the cathode, uranium chloride undergoes electro-chemical reduction and deposits uranium metal onto the mandrel. The uranium metal and accompanying entrained salt are placed in a distillation furnace where the uranium melts forming an ingot and the entrained salt boils and subsequently condenses in a separate crucible. The uranium ingots are placed in long term storage. During the ten year operating history, over one hundred criticality safety evaluations were prepared. All criticality safety related limits and controls for the entire process are contained in a single document which required over thirty revisions to accommodate the process changes. Operational implementation of the limits and controls includes use of a near real-time computerized tracking system. The tracking system uses an Oracle database coupled with numerous software applications. The computerized tracking system includes direct fuel handler interaction with every movement of material. Improvements to this system during the ten year history include introduction of web based operator interaction, tracking of moderator materials and the development of a plethora of database queries to assist in day to day

  7. NUSS safety standards: A critical assessment

    International Nuclear Information System (INIS)

    Minogue, R.B.

    1985-01-01

    The NUSS safety standards are based on systematic review of safety criteria of many countries in a process carefully defined to assure completeness of coverage. They represent an international consensus of accepted safety principles and practices for regulation and for the design, construction, and operation of nuclear power plants. They are a codification of principles and practices already in use by some Member States. Thus, they are not standards which describe methodologies at their present state of evolution as a result of more recent experience and improvements in technological understanding. The NUSS standards assume an underlying body of national standards and a defined technological base. Detailed design and industrial practices vary between countries and the implementation of basic safety standards within countries has taken approaches that conform with national industrial practices. Thus, application of the NUSS standards requires reconciliation with the standards of the country where the reactor will be built as well as with the country from which procurement takes place. Experience in making that reconciliation will undoubtedly suggest areas of needed improvement. After the TMI accident a reassessment of the NUSS programme was made and it was concluded that, given the information at that time and the then level of technology, the basic approach was sound; the NUSS programme should be continued to completion, and the standards should be brought into use. It was also recognized, however, that in areas such as probabilistic risk assessment, human factors methodology, and consideration of detailed accident sequences, more advanced technology was emerging. As these technologies develop, and become more amenable to practical application, it is anticipated that the NUSS standards will need revision. Ideally those future revisions will also flow from experience in their use

  8. Quantitative reliability assessment for safety critical system software

    International Nuclear Information System (INIS)

    Chung, Dae Won; Kwon, Soon Man

    2005-01-01

    An essential issue in the replacement of the old analogue I&C to computer-based digital systems in nuclear power plants is the quantitative software reliability assessment. Software reliability models have been successfully applied to many industrial applications, but have the unfortunate drawback of requiring data from which one can formulate a model. Software which is developed for safety critical applications is frequently unable to produce such data for at least two reasons. First, the software is frequently one-of-a-kind, and second, it rarely fails. Safety critical software is normally expected to pass every unit test producing precious little failure data. The basic premise of the rare events approach is that well-tested software does not fail under normal routine and input signals, which means that failures must be triggered by unusual input data and computer states. The failure data found under the reasonable testing cases and testing time for these conditions should be considered for the quantitative reliability assessment. We will present the quantitative reliability assessment methodology of safety critical software for rare failure cases in this paper

  9. Formalization and Validation of Safety-Critical Requirements

    Directory of Open Access Journals (Sweden)

    Alessandro Cimatti

    2010-03-01

    The validation of requirements is a fundamental step in the development process of safety-critical systems. In safety critical applications such as aerospace, avionics and railways, the use of formal methods is of paramount importance both for requirements and for design validation. Nevertheless, while for the verification of the design, many formal techniques have been conceived and applied, the research on formal methods for requirements validation is not yet mature. The main obstacles are that, on the one hand, the correctness of requirements is not formally defined; on the other hand that the formalization and the validation of the requirements usually demands a strong involvement of domain experts. We report on a methodology and a series of techniques that we developed for the formalization and validation of high-level requirements for safety-critical applications. The main ingredients are a very expressive formal language and automatic satisfiability procedures. The language combines first-order, temporal, and hybrid logic. The satisfiability procedures are based on model checking and satisfiability modulo theory. We applied this technology within an industrial project to the validation of railways requirements.

  10. Using fuzzy self-organising maps for safety critical systems

    International Nuclear Information System (INIS)

    Kurd, Zeshan; Kelly, Tim P.

    2007-01-01

    This paper defines a type of constrained artificial neural network (ANN) that enables analytical certification arguments whilst retaining valuable performance characteristics. Previous work has defined a safety lifecycle for ANNs without detailing a specific neural model. Building on this previous work, the underpinning of the devised model is based upon an existing neuro-fuzzy system called the fuzzy self-organising map (FSOM). The FSOM is a type of 'hybrid' ANN which allows behaviour to be described qualitatively and quantitatively using meaningful expressions. Safety of the FSOM is argued through adherence to safety requirements derived from hazard analysis and expressed using safety constraints. The approach enables the construction of compelling (product-based) arguments for mitigation of potential failure modes associated with the FSOM. The constrained FSOM has been termed a 'safety critical artificial neural network' (SCANN). The SCANN can be used for non-linear function approximation and allows certified learning and generalisation for high criticality roles. A discussion of benefits for real-world applications is also presented

  11. Reconfigurable field programmable gate arrays for mission-critical applications

    CERN Document Server

    Battezzati, Niccolò; Violante, Massimo

    2010-01-01

    Embedded systems applications that are either mission or safety-critical usually entail low- to mid- production volumes, require the rapid development of specific tasks, which are typically computing intensive, and are cost bounded. The adoption of re-configurable FPGAs in such application domains is constrained to the availability of suitable techniques to guarantee the dependability requirements entailed by critical applications. This book describes the challenges faced by designers when implementing a mission- or safety-critical application using re-configurable FPGAs and it details various

  12. Memory Management for Safety-Critical Java

    DEFF Research Database (Denmark)

    Schoeberl, Martin

    2011-01-01

    Safety-Critical Java (SCJ) is based on the Real-Time Specification for Java. To simplify the certification of Java programs, SCJ supports only a restricted scoped memory model. Individual threads share only immortal memory and the newly introduced mission memory. All other scoped memories...... are thread private. Furthermore, the notation of a maximum backing store requirement enables implementation of the scoped memories without fragmentation issues. In this paper we explore the implications of this new scoped memory model and possible simplifications in the implementation. It is possible...... to unify the three memory area types and provide a single class to represent all three memory areas of SCJ. The knowledge of the maximum storage requirements allows using nested backing stores in the implementation of the memory area representation. The proposed design of an SCJ compliant scope...

  13. Investigating the safety of medication administration in adult critical care settings.

    Science.gov (United States)

    Mansour, Mansour; James, Veronica; Edgley, Alison

    2012-01-01

    Medication errors are recognized causes of patient morbidity and mortality in hospital settings, and can occur at any stage of the medication management process. Medication administration errors are reported to occur more frequently in critical care settings, and can be associated with severe consequences. However, patient safety research tends to focus on accident causations rather than organizational factors which enhance patient safety and health care resilience to unsafe practice. The Organizational Safety Space Model was developed for high-risk industries to investigate factors that influence organizational safety. Its application in health care settings may offer a unique approach to understand organizational safety in the health care context, particularly in investigating the safety of medication administration in adult critical care settings. This literature review explores the development and use of the Organizational Safety Space Model in the industrial context, and considers its application in investigating the safety of medication administration in adult critical care settings. SEARCH STRATEGIES (INCLUSION AND EXCLUSION CRITERIA): CINAHL, Medline, British Nursing Index (BNI) and PsychInfo databases were searched for peer-reviewed papers, published in English, from 1970 to 2011 with relevance to organizational safety and medication administration in critical care, using the key words: organization, safety, nurse, critical care and medication administration. Archaeological searching, including grey literature and governmental documents, was also carried out. From the identified 766 articles, 51 studies were considered relevant. The Organizational Safety Space Model offers a productive, conceptual system framework to critically analyse the wider organizational issues, which may influence the safety of medication administration and organizational resilience to accidents. However, the model needs to be evaluated for its application in health care settings in

  14. Martin Marietta Energy Systems Nuclear Criticality Safety Improvement Program

    International Nuclear Information System (INIS)

    Speas, I.G.

    1987-01-01

    This report addresses questions raised by criticality safety violations at several DOE plants. Two charts are included that define the severity and reporting requirements for the six levels of accidents. A summary is given of all reported criticality incidents at the DOE plants involved. The report concludes with Martin Marietta's Nuclear Criticality Safety Policy Statement

  15. Nuclear fuel technology - Administrative criteria related to nuclear criticality safety

    International Nuclear Information System (INIS)

    2004-01-01

    An effective nuclear criticality-safety programme includes cooperation among management, supervision, and the nuclear criticality-safety staff and, for each employee, relies upon conformance with operating procedures. Although the extent and complexity of safety-related activities may vary greatly with the size and type of operation with fissile material, certain safety elements are common. This International Standard represents a codification of such elements related to nuclear criticality safety. General guidance for nuclear criticality safety may be found in ISO 1709. The responsibilities of management, supervision, and the nuclear criticality-safety staff are addressed. The objectives and characteristics of operating and emergency procedures are included in this International Standard. ISO 14943 was prepared by Technical Committee ISO/TC 85, Nuclear energy, Subcommittee SC 5, Nuclear fuel technology

  16. Providing Nuclear Criticality Safety Analysis Education through Benchmark Experiment Evaluation

    Energy Technology Data Exchange (ETDEWEB)

    John D. Bess; J. Blair Briggs; David W. Nigg

    2009-11-01

    One of the challenges that today's new workforce of nuclear criticality safety engineers face is the opportunity to provide assessment of nuclear systems and establish safety guidelines without having received significant experience or hands-on training prior to graduation. Participation in the International Criticality Safety Benchmark Evaluation Project (ICSBEP) and/or the International Reactor Physics Experiment Evaluation Project (IRPhEP) provides students and young professionals the opportunity to gain experience and enhance critical engineering skills.

  17. Proceedings of the Nuclear Criticality Technology Safety Workshop

    Energy Technology Data Exchange (ETDEWEB)

    Rene G. Sanchez

    1998-04-01

    This document contains summaries of most of the papers presented at the 1995 Nuclear Criticality Technology Safety Project (NCTSP) meeting, which was held May 16 and 17 at San Diego, Ca. The meeting was broken up into seven sessions, which covered the following topics: (1) Criticality Safety of Project Sapphire; (2) Relevant Experiments For Criticality Safety; (3) Interactions with the Former Soviet Union; (4) Misapplications and Limitations of Monte Carlo Methods Directed Toward Criticality Safety Analyses; (5) Monte Carlo Vulnerabilities of Execution and Interpretation; (6) Monte Carlo Vulnerabilities of Representation; and (7) Benchmark Comparisons.

  18. Safety-critical Java on a Java processor

    DEFF Research Database (Denmark)

    Schoeberl, Martin; Rios Rivas, Juan Ricardo

    2012-01-01

    The safety-critical Java (SCJ) specification is developed within the Java Community Process under specification request number JSR 302. The specification is available as public draft, but details are still discussed by the expert group. In this stage of the specification we need prototype...... implementations of SCJ and first test applications that are written with SCJ, even when the specification is not finalized. The feedback from those prototype implementations is needed for final decisions. To help the SCJ expert group, a prototype implementation of SCJ on top of the Java optimized processor...

  19. Reliability assessment for safety critical systems by statistical random testing

    International Nuclear Information System (INIS)

    Mills, S.E.

    1995-11-01

    In this report we present an overview of reliability assessment for software and focus on some basic aspects of assessing reliability for safety critical systems by statistical random testing. We also discuss possible deviations from some essential assumptions on which the general methodology is based. These deviations appear quite likely in practical applications. We present and discuss possible remedies and adjustments and then undertake applying this methodology to a portion of the SDS1 software. We also indicate shortcomings of the methodology and possible avenues to follow to address these problems. (author). 128 refs., 11 tabs., 31 figs

  20. Proceedings of the first annual Nuclear Criticality Safety Technology Project

    International Nuclear Information System (INIS)

    Rutherford, D.A.

    1994-09-01

    This document represents the published proceedings of the first annual Nuclear Criticality Safety Technology Project (NCSTP) Workshop, which took place May 12-14, 1992, in Gaithersburg, Md. The conference consisted of four sessions, each dealing with a specific aspect of nuclear criticality safety issues. The session titles were "Criticality Code Development, Usage, and Validation," "Experimental Needs, Facilities, and Measurements," "Regulation, Compliance, and Their Effects on Nuclear Criticality Technology and Safety," and "The Nuclear Criticality Community Response to the USDOE Regulations and Compliance Directives." The conference also sponsored a Working Group session; a report of the NCSTP Working Group is also presented. Individual papers have been cataloged separately

  1. Nuclear Criticality Safety Handbook, Version 2. English translation

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2001-08-01

    The Nuclear Criticality Safety Handbook, Version 2 essentially includes the description of the Supplement Report to the Nuclear Criticality Safety Handbook, released in 1995, into the first version of the Nuclear Criticality Safety Handbook, published in 1988. The following two points are new: (1) exemplifying safety margins related to modeled dissolution and extraction processes, (2) describing evaluation methods and alarm system for criticality accidents. Revision has been made based on previous studies for the chapter that treats modeling the fuel system: e.g., the fuel grain size that the system can be regarded as homogeneous, non-uniformity effect of fuel solution, and burnup credit. This revision has solved the inconsistencies found in the first version between the evaluation of errors found in JACS code system and the criticality condition data that were calculated based on the evaluation. This report is an English translation of the Nuclear Criticality Safety Handbook, Version 2, originally published in Japanese as JAERI 1340 in 1999. (author)

  2. Criticality safety training at the Hot Fuel Examination Facility

    International Nuclear Information System (INIS)

    Garcia, A.S.; Courtney, J.C.; Thelen, V.N.

    1983-01-01

    HFEF comprises four hot cells and out-of-cell support facilities for the US breeder program. The HFEF criticality safety program includes training in the basic theory of criticality and in specific criticality hazard control rules that apply to HFEF. A professional staff-member oversees the implementation of the criticality prevention program

  3. Critical review of safety performance metrics

    NARCIS (Netherlands)

    Karanikas, Nektarios

    2016-01-01

    Various tools for safety performance measurement have been introduced in order to fulfil the need for safety monitoring in organisations, which is tightly related to their overall performance and achievement of their business goals. Such tools include accident rates, benchmarking, safety culture and

  4. Automated tools for safety-critical software

    International Nuclear Information System (INIS)

    Lapassat, A.M.

    1993-01-01

    The regulatory (DSIN), the utilities (EDF, CEA..) and the CEA-Institute for Protection and Nuclear Safety (IPSN) work together at the French nuclear safety. This paper presents a tool, called CLAIRE, for simulation and tests of different nuclear safety systems. (TEC)

  5. TRANSPORTATION CASK RECEIPT/RETURN FACILITY CRITICALITY SAFETY EVALUATIONS

    International Nuclear Information System (INIS)

    C.E. Sanders

    2005-01-01

    The purpose of this design calculation is to demonstrate that the handling operations of transportation casks performed in the Transportation Cask Receipt and Return Facility (TCRRF) and Buffer Area meet the nuclear criticality safety design criteria specified in the "Project Design Criteria (PDC) Document" (BSC [Bechtel SAIC Company] 2004 [DIRS 171599], Section 4.9.2.2), and the functional nuclear criticality safety requirement described in the "Transportation Cask Receipt/Return Facility Description Document" (BSC 2004 [DIRS 170217], Section 3.2.3). Specific scope of work contained in this activity consists of the following items: (1) Evaluate criticality effects for both dry and fully flooded conditions pertaining to TCRRF and Buffer Area operations for defense in depth. (2) Evaluate Category 1 and 2 event sequences for the TCRRF as identified in the "Categorization of Event Sequences for License Application" (BSC 2004 [DIRS 167268], Section 7). This evaluation includes credible fuel reconfiguration conditions. In addition to the scope of work listed above, an evaluation was also performed of modeling assumptions for commercial spent nuclear fuel (CSNF) regarding inclusion of plenum and end regions of the active fuel. This calculation is limited to CSNF and US Department of Energy (DOE) SNF. It should be mentioned that the latter waste form is evaluated more in depth in the "Canister Handling Facility Criticality Safety Calculations" (BSC 2004 [DIRS 167614]). Further, the design and safety analyses of the naval SNF canisters are the responsibility of the US Department of the Navy (Naval Nuclear Propulsion Program) and will not be included in this document. In addition, this calculation is valid for the current design of the TCRRF and Buffer Area and may not reflect the ongoing design evolution of the facility. However, it is anticipated that design changes to the facility layout will have little or no impact on the criticality results and/or conclusions

  6. Criticality safety of spent fuel casks considering water inleakage

    International Nuclear Information System (INIS)

    Osgood, N.L.; Withee, C.J.; Easton, E.P.

    2004-01-01

    A fundamental safety design parameter for all fissile material packages is that a single package must be critically safe even if water leaks into the containment system. In addition, criticality safety must be assured for arrays of packages under normal conditions of transport (undamaged packages) and under hypothetical accident conditions (damaged packages). The U.S. Nuclear Regulatory Commission staff has revised the review protocol for demonstrating criticality safety for spent fuel casks. Previous review guidance specified that water inleakage be considered under accident conditions. This practice was based on the fact that the leak tightness of spent fuel casks is typically demonstrated by use of structural analysis and not by physical testing. In addition, since a single package was shown to be safe with water inleakage, it was concluded that this analysis was also applicable to an array of damaged packages, since the heavy shield walls in spent fuel casks neutronically isolate each cask in the array. Inherent in this conclusion is that the fuel assembly geometry does not change significantly, even under drop test conditions. Requests for shipping fuel with burnup exceeding 40 GWd/MTU, including very high burnups exceeding 60 GWd/MTU, caused a reassessment of this assumption. Fuel cladding structural strength and ductility were not clearly predictable for these higher burnups. Therefore the single package analysis for an undamaged package may not be applicable for the damaged package. NRC staff developed a new practice for review of spent fuel casks under accident conditions. The practice presents two methods for approval that would allow an assessment of potential reconfiguration of the fuel assembly under accident conditions, or, alternatively, a demonstration of the water-exclusion boundary through physical testing

  7. Experience with performance based training of nuclear criticality safety engineers

    International Nuclear Information System (INIS)

    Taylor, R.G.

    1993-01-01

    For non-reactor nuclear facilities, the U.S. Department of Energy (DOE) does not require that nuclear criticality safety engineers demonstrate qualification for their job. It is likely, however, that more formalism will be required in the future. Current DOE requirements for those positions which do have to demonstrate qualification indicate that qualification should be achieved by using a systematic approach such as performance based training (PBT). Assuming that PBT would be an acceptable mechanism for nuclear criticality safety engineer training in a more formal environment, a site-specific analysis of the nuclear criticality safety engineer job was performed. Based on this analysis, classes are being developed and delivered to a target audience of newer nuclear criticality safety engineers. Because current interest is in developing training for selected aspects of the nuclear criticality safety engineer job, the analysis is incompletely developed in some areas

  8. Criticality Safety Evaluation of Hanford Tank Farms Facility

    International Nuclear Information System (INIS)

    WEISS, E.V.

    2000-01-01

    Data and calculations from previous criticality safety evaluations and analyses were used to evaluate criticality safety for the entire Tank Farms facility to support the continued waste storage mission. This criticality safety evaluation concludes that a criticality accident at the Tank Farms facility is an incredible event due to the existing form (chemistry) and distribution (neutron absorbers) of tank waste. Limits and controls for receipt of waste from other facilities and maintenance of tank waste condition are set forth to maintain the margin of subcriticality in tank waste

  9. A Web-Based Nuclear Criticality Safety Bibliographic Database

    International Nuclear Information System (INIS)

    Koponen, B L; Huang, S

    2007-01-01

    A bibliographic criticality safety database of over 13,000 records is available on the Internet as part of the U.S. Department of Energy's (DOE) Nuclear Criticality Safety Program (NCSP) website. This database is easy to access via the Internet and gets substantial daily usage. This database and other criticality safety resources are available at ncsp.llnl.gov. The web database has evolved from more than thirty years of effort at Lawrence Livermore National Laboratory (LLNL), beginning with compilations of critical experiment reports and American Nuclear Society Transactions

  10. Tank waste remediation system nuclear criticality safety program management review

    International Nuclear Information System (INIS)

    BRADY RAAP, M.C.

    1999-01-01

    This document provides the results of an internal management review of the Tank Waste Remediation System (TWRS) criticality safety program, performed in advance of the DOE/RL assessment for closure of the TWRS Nuclear Criticality Safety Issue, March 1994. Resolution of the safety issue was identified as Hanford Federal Facility Agreement and Consent Order (Tri-Party Agreement) Milestone M-40-12, due September 1999

  11. Review of studies on criticality safety evaluation and criticality experiment methods

    International Nuclear Information System (INIS)

    Naito, Yoshitaka; Yamamoto, Toshihiro; Misawa, Tsuyoshi; Yamane, Yuichi

    2013-01-01

    Since the early 1960s, many studies on criticality safety evaluation have been conducted in Japan. Computer code systems were developed initially by employing finite difference methods, and more recently by using Monte Carlo methods. Criticality experiments have also been carried out in many laboratories in Japan as well as overseas. By effectively using these study results, the Japanese Criticality Safety Handbook was published in 1988, almost the intermediate point of the last 50 years. An increased interest has been shown in criticality safety studies, and a Working Party on Nuclear Criticality Safety (WPNCS) was set up by the Nuclear Science Committee of the Organisation for Economic Co-operation and Development in 1997. WPNCS has several task forces in charge of each of the International Criticality Safety Benchmark Evaluation Program (ICSBEP), Subcritical Measurement, Experimental Needs, Burn-up Credit Studies and Minimum Critical Values. Criticality safety studies in Japan have been carried out in cooperation with WPNCS. This paper describes criticality safety study activities in Japan along with the contents of the Japanese Criticality Safety Handbook and the tasks of WPNCS. (author)

  12. The critical safety functions and plant operation

    International Nuclear Information System (INIS)

    Corcoran, W.R.; Church, J.F.; Porter, N.J.; Cross, M.T.; Guinn, W.M.

    1981-01-01

    The paper outlines the operator's role in nuclear safety and introduces the concept of "safety functions". Safety functions are a group of actions that prevent core melt or minimize radiation releases to the general public. They can be used to provide a hierarchy of practical plant protection that an operator should use. "An accident identical to that at Three Mile Island is not going to happen again", said the Rogovin investigators. The concepts put forward in this paper are intended to help the operator avoid serious consequence from the next unexpected threat. On the basis of the safety evaluation, the operator has three roles in assuring that the consequences of an event will be no worse than the predicted acceptable results. These three operator roles are: first, maintain plant setup in readiness to properly respond; second, operate the plant in a manner such that fewer, milder events minimize the frequency and the severity of adverse events; third, the operator needs to monitor the plant to verify that the safety functions are accomplished. The operator needs a systematic approach to mitigating the consequences of an event. The concept of "safety function" introduces that systematic approach and prevents a hierarchy of protection. If the operator has difficulty in identifying an event for any reason, the systematic safety function approach allows one to accomplish the overall path of mitigating consequences. There are ten identified functions designed to protect against core melt, preserve containment integrity, prevent indirect release of radioactivity, and maintain vital auxiliaries needed to support the other safety functions. The paper describes in detail the operator's role and the safety functions, and provides many examples of the use of alternative success paths to accomplish the safety function

  13. IOS SAFETY APPLICATION FOR UITM

    Directory of Open Access Journals (Sweden)

    MOHAMAD FAHMI HUSSIN

    2016-04-01

    This paper presents an iOS application, which is developed to ensure that every task related to safety and health, such as inspection, deviation analysis and accident reporting, becomes simpler and easier. Normally, these three (3) tasks are done separately and the data are saved in different ways. These situations make the tasks become complicated and consume a lot of time. Therefore, this application is developed to overcome all the problems that occurred. The main objective of this application is to allow the user to handle inspection checklist, deviation analysis and accident reporting efficiently by using iOS devices such as iPhone and iPad. Hence, all the tasks can be done using an iOS device instead of using a lot of paper. This application was developed using Xcode SDK, which is the software that is used to develop iOS applications. Xcode uses Objective-C as the programming language, which is quite similar to other programming languages such as C and C++. The final result of this project is that this application can handle all the three (3) tasks and the form or the findings can be emailed to the Safety and Health Officer (SHO). This application will reduce the time consumed to conduct safety inspection, deviation and reporting tasks as well as avoid delay that might happen while using the traditional method.

  14. Use of a web site to enhance criticality safety training

    International Nuclear Information System (INIS)

    Huang, Song T.; Morman, James A.

    2003-01-01

    Establishment of the NCSP (Nuclear Criticality Safety Program) website represents one attempt by the NCS (Nuclear Criticality Safety) community to meet the need to enhance communication and disseminate NCS information to a wider audience. With the aging work force in this important technical field, there is a common recognition of the need to capture the corporate knowledge of these people and provide an easily accessible, web-based training opportunity to those people just entering the field of criticality safety. A multimedia-based site can provide a wide range of possibilities for criticality safety training. Training modules could range from simple text-based material, similar to the NCSET (Nuclear Criticality Safety Engineer Training) modules, to interactive web-based training classes, to video lecture series. For example, the Los Alamos National Laboratory video series of interviews with pioneers of criticality safety could easily be incorporated into training modules. Obviously, the development of such a program depends largely upon the need and participation of experts who share the same vision and enthusiasm of training the next generation of criticality safety engineers. The NCSP website is just one example of the potential benefits that web-based training can offer. You are encouraged to browse the NCSP website at http://ncsp.llnl.gov. We solicit your ideas in the training of future NCS engineers and welcome your participation with us in developing future multimedia training modules. (author)

  15. Criticality Safety Evaluation for the TACS at DAF

    Energy Technology Data Exchange (ETDEWEB)

    Percher, C. M. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Heinrichs, D. P. [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

    2011-06-10

    Hands-on experimental training in the physical behavior of multiplying systems is one of ten key areas of training required for practitioners to become qualified in the discipline of criticality safety as identified in DOE-STD-1135-99, Guidance for Nuclear Criticality Safety Engineer Training and Qualification. This document is a criticality safety evaluation of the training activities and operations associated with HS-3201-P, Nuclear Criticality 4-Day Training Course (Practical). This course was designed to also address the training needs of nuclear criticality safety professionals under the auspices of the NNSA Nuclear Criticality Safety Program. The hands-on, or laboratory, portion of the course will utilize the Training Assembly for Criticality Safety (TACS) and will be conducted in the Device Assembly Facility (DAF) at the Nevada Nuclear Security Site (NNSS). The training activities will be conducted by Lawrence Livermore National Laboratory following the requirements of an Integrated Work Sheet (IWS) and associated Safety Plan. Students will be allowed to handle the fissile material under the supervision of an LLNL Certified Fissile Material Handler.

  16. Intermediate probabilistic safety assessment approach for safety critical digital systems

    International Nuclear Information System (INIS)

    Taeyong, Sung; Hyun Gook, Kang

    2001-01-01

    Even though the conventional probabilistic safety assessment methods are immature for application to microprocessor-based digital systems, practical needs force their application. In Korea, UCN 5 and 6 units are being constructed and the Korean Next Generation Reactor is being designed using digital instrumentation and control equipment for the safety related functions. The Korean regulatory body requires probabilistic safety assessment. This paper analyzes the difficulties in the assessment of digital systems and suggests an intermediate framework for evaluating their safety using fault tree models. The framework deals with several important characteristics of digital systems including software modules and fault-tolerant features. We expect that the analysis result will provide valuable design feedback. (authors)

  17. Computational methods for criticality safety analysis within the scale system

    International Nuclear Information System (INIS)

    Parks, C.V.; Petrie, L.M.; Landers, N.F.; Bucholz, J.A.

    1986-01-01

    The criticality safety analysis capabilities within the SCALE system are centered around the Monte Carlo codes KENO IV and KENO V.a, which are both included in SCALE as functional modules. The XSDRNPM-S module is also an important tool within SCALE for obtaining multiplication factors for one-dimensional system models. This paper reviews the features and modeling capabilities of these codes along with their implementation within the Criticality Safety Analysis Sequences (CSAS) of SCALE. The CSAS modules provide automated cross-section processing and user-friendly input that allow criticality safety analyses to be done in an efficient and accurate manner. 14 refs., 2 figs., 3 tabs

  18. SCALE 5: Powerful new criticality safety analysis tools

    International Nuclear Information System (INIS)

    Bowman, Stephen M.; Hollenbach, Daniel F.; Dehart, Mark D.; Rearden, Bradley T.; Gauld, Ian C.; Goluoglu, Sedat

    2003-01-01

    Version 5 of the SCALE computer software system developed at Oak Ridge National Laboratory, scheduled for release in December 2003, contains several significant new modules and sequences for criticality safety analysis and marks the most important update to SCALE in more than a decade. This paper highlights the capabilities of these new modules and sequences, including continuous energy flux spectra for processing multigroup problem-dependent cross sections; one- and three-dimensional sensitivity and uncertainty analyses for criticality safety evaluations; two-dimensional flexible mesh discrete ordinates code; automated burnup-credit analysis sequence; and one-dimensional material distribution optimization for criticality safety. (author)

  19. Nuclear criticality safety program at the Fuel Cycle Facility

    International Nuclear Information System (INIS)

    Lell, R.M.; Fujita, E.K.; Tracy, D.B.; Klann, R.T.; Imel, G.R.; Benedict, R.W.; Rigg, R.H.

    1994-01-01

    The Fuel Cycle Facility (FCF) is designed to demonstrate the feasibility of a novel commercial-scale remote pyrometallurgical process for metallic fuels from liquid metal-cooled reactors and to show closure of the Integral Fast Reactor (IFR) fuel cycle. Requirements for nuclear criticality safety impose the most restrictive of the various constraints on the operation of FCF. The upper limits on batch sizes and other important process parameters are determined principally by criticality safety considerations. To maintain an efficient operation within appropriate safety limits, it is necessary to formulate a nuclear criticality safety program that integrates equipment design, process development, process modeling, conduct of operations, a measurement program, adequate material control procedures, and nuclear criticality analysis. The nuclear criticality safety program for FCF reflects this integration, ensuring that the facility can be operated efficiently without compromising safety. The experience gained from the conduct of this program in the Fuel Cycle Facility will be used to design and safely operate IFR facilities on a commercial scale. The key features of the nuclear criticality safety program are described. The relationship of these features to normal facility operation is also described

  20. Criticality Safety Evaluation of Standard Criticality Safety Requirements #1-520 g Operations in PF-4

    Energy Technology Data Exchange (ETDEWEB)

    Yamanaka, Alan Joseph Jr. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-10-13

    Guidance has been requested from the Nuclear Criticality Safety Division (NCSD) regarding processes that involve 520 grams of fissionable material or less. This Level-3 evaluation was conducted and documented in accordance with NCS-AP-004 (Ref. 1), formerly NCS-GUIDE-01. This evaluation is being written as a generic evaluation for all operations that will be able to operate using a 520-gram mass limit. Implementation for specific operations will be performed using a Level 1 CSED, which will confirm and document that this CSED can be used for the specific operation as discussed in NCS-MEMO-17-007 (Ref. 2). This Level 3 CSED updates and supersedes the analysis performed in NCS-TECH-14-014 (Ref. 3).

  1. A Methodological Framework for Software Safety in Safety Critical Computer Systems

    OpenAIRE

    P. V. Srinivas Acharyulu; P. Seetharamaiah

    2012-01-01

    Software safety must deal with the principles of safety management, safety engineering and software engineering for developing safety-critical computer systems, with the target of making the system safe, risk-free and fail-safe in addition to providing a clarified differentiation for assessing and evaluating the risk, with the principles of software risk management. Problem statement: Prevailing software quality models and standards were not adequately addressing the software safety ...

  2. Licensing process for safety-critical software-based systems

    International Nuclear Information System (INIS)

    Haapanen, P.; Korhonen, J.; Pulkkinen, U.

    2000-12-01

    System vendors nowadays propose software-based technology even for the most critical safety functions in nuclear power plants. Due to the nature of software faults and the way they cause system failures new methods are needed for the safety and reliability evaluation of these systems. In the research project 'Programmable automation systems in nuclear power plants (OHA)', financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Trade and Industry (KTM) and the Technical Research Centre of Finland (VTT), various safety assessment methods and tools for software based systems are developed and evaluated. As a part of the OHA-work a reference model for the licensing process for software-based safety automation systems is defined. The licensing process is defined as the set of interrelated activities whose purpose is to produce and assess evidence concerning the safety and reliability of the system/application to be licensed and to make the decision about the granting the construction and operation permissions based on this evidence. The parties of the licensing process are the authority, the licensee (the utility company), system vendors and their subcontractors and possible external independent assessors. The responsibility about the production of the evidence in first place lies at the licensee who in most cases rests heavily on the vendor expertise. The evaluation and gauging of the evidence is carried out by the authority (possibly using external experts), who also can acquire additional evidence by using their own (independent) methods and tools. Central issue in the licensing process is to combine the quality evidence about the system development process with the information acquired through tests, analyses and operational experience. The purpose of the licensing process described in this report is to act as a reference model both for the authority and the licensee when planning the licensing of individual applications. 
Many of the

  3. Licensing process for safety-critical software-based systems

    Energy Technology Data Exchange (ETDEWEB)

    Haapanen, P. [VTT Automation, Espoo (Finland); Korhonen, J. [VTT Electronics, Espoo (Finland); Pulkkinen, U. [VTT Automation, Espoo (Finland)

    2000-12-01

    System vendors nowadays propose software-based technology even for the most critical safety functions in nuclear power plants. Due to the nature of software faults and the way they cause system failures new methods are needed for the safety and reliability evaluation of these systems. In the research project 'Programmable automation systems in nuclear power plants (OHA)', financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Trade and Industry (KTM) and the Technical Research Centre of Finland (VTT), various safety assessment methods and tools for software based systems are developed and evaluated. As a part of the OHA-work a reference model for the licensing process for software-based safety automation systems is defined. The licensing process is defined as the set of interrelated activities whose purpose is to produce and assess evidence concerning the safety and reliability of the system/application to be licensed and to make the decision about the granting the construction and operation permissions based on this evidence. The parties of the licensing process are the authority, the licensee (the utility company), system vendors and their subcontractors and possible external independent assessors. The responsibility about the production of the evidence in first place lies at the licensee who in most cases rests heavily on the vendor expertise. The evaluation and gauging of the evidence is carried out by the authority (possibly using external experts), who also can acquire additional evidence by using their own (independent) methods and tools. Central issue in the licensing process is to combine the quality evidence about the system development process with the information acquired through tests, analyses and operational experience. The purpose of the licensing process described in this report is to act as a reference model both for the authority and the licensee when planning the licensing of individual applications

  4. Critical Characteristics of Radiation Detection System Components to be Dedicated for use in Safety Class and Safety Significant System

    International Nuclear Information System (INIS)

    DAVIS, S.J.

    2000-01-01

    This document identifies critical characteristics of components to be dedicated for use in Safety Significant (SS) Systems, Structures, or Components (SSCs). This document identifies the requirements for the components of the common, radiation area, monitor alarm in the WESF pool cell. These are procured as Commercial Grade Items (CGI), with the qualification testing and formal dedication to be performed at the Waste Encapsulation Storage Facility (WESF) for use in safety significant systems. System modifications are to be performed in accordance with the approved design. Components for this change are commercially available and interchangeable with the existing alarm configuration. This document focuses on the operational requirements for alarm, declaration of the safety classification, identification of critical characteristics, and interpretation of requirements for procurement. Critical characteristics are identified herein and must be verified, followed by formal dedication, prior to the components being used in safety related applications

  5. Fissile materials principles of criticality safety in handling and processing

    International Nuclear Information System (INIS)

    1976-01-01

    This Swedish Standard consists of the English version of the International Standard ISO 1709-1975-Nuclear energy. Fissile materials. Principles of criticality safety in handling and processing. (author)

  6. A Test Suite for Safety-Critical Java using JML

    DEFF Research Database (Denmark)

    Ravn, Anders Peter; Søndergaard, Hans

    2013-01-01

    Development techniques are presented for a test suite for the draft specification of the Java profile for Safety-Critical Systems. Distinguishing features are: specification of conformance constraints in the Java Modeling Language, encoding of infrastructure concepts without implementation bias...

  7. Analyses of PWR spent fuel composition using SCALE and SWAT code systems to find correction factors for criticality safety applications adopting burnup credit

    International Nuclear Information System (INIS)

    Shin, Hee Sung; Suyama, Kenya; Mochizuki, Hiroki; Okuno, Hiroshi; Nomura, Yasushi

    2001-01-01

    The isotopic composition calculations were performed for 26 spent fuel samples from the Obrigheim PWR reactor and 55 spent fuel samples from 7 PWR reactors using the SAS2H module of the SCALE4.4 code system with 27, 44 and 238 group cross-section libraries and the SWAT code system with the 107 group cross-section library. For the analyses of samples from the Obrigheim PWR reactor, geometrical models were constructed for each of SCALE4.4/SAS2H and SWAT. For the analyses of samples from 7 PWR reactors, the geometrical model already adopted in the SCALE/SAS2H was directly converted to the model of SWAT. The four kinds of calculation results were compared with the measured data. For convenience, the ratio of the measured to calculated values was used as a parameter. When the ratio is less than unity, the calculation overestimates the measurement, and as the ratio becomes closer to unity, they are in better agreement. For many important nuclides for burnup credit criticality safety evaluation, the four methods applied in this study showed good coincidence with measurements in general. More precise observations showed, however: (1) Less than unity ratios were found for Pu-239 and -241 for selected 16 samples out of the 26 samples from the Obrigheim reactor (10 samples were deselected because their burnups were measured with the Cs-137 non-destructive method, which is less reliable than the Nd-148 method with which the remaining 16 samples were measured); (2) Larger than unity ratios were found for Am-241 and Cm-242 for both the 16 and 55 samples; (3) Larger than unity ratios were found for Sm-149 for the 55 samples; (4) SWAT was generally accompanied by larger ratios than those of SAS2H with some exceptions. Based on the measured-to-calculated ratios for 71 samples of a combined set in which 16 selected samples and 55 samples were included, the correction factors that should be multiplied to the calculated isotopic compositions were generated for a conservative estimate of the neutron multiplication factor

  8. Nuclear criticality safety. Chapter 0530 of AEC manual

    International Nuclear Information System (INIS)

    2006-01-01

    The programme objectives of this chapter of the U.S. Atomic Energy Commission manual on nuclear criticality safety are to protect the health and safety of the public and of the government and contractor personnel working in plants that handle fissionable material and to protect public and private property from the consequences of a criticality accident occurring in AEC-owned plants and other AEC-contracted activities involving fissionable materials

  9. Parametric Criticality Safety Calculations for Arrays of TRU Waste Containers

    Energy Technology Data Exchange (ETDEWEB)

    Gough, Sean T. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-10-26

    The Nuclear Criticality Safety Division (NCSD) has performed criticality safety calculations for finite and infinite arrays of transuranic (TRU) waste containers. The results of these analyses may be applied in any technical area onsite (e.g., TA-54, TA-55, etc.), as long as the assumptions herein are met. These calculations are designed to update the existing reference calculations for waste arrays documented in Reference 1, in order to meet current guidance on calculational methodology.

  10. K-effective as a measure of criticality safety

    International Nuclear Information System (INIS)

    Venner, J.; Haley, R.M.; Bowden, R.L.

    2003-01-01

    This paper considers the relation between the neutron multiplication of a system, k-effective, and critical parameters. It aims to investigate whether k-effective is always the most appropriate measure of safety. For simple systems handbook data can be effectively utilized, applying a safety factor to critical masses. In such situations, the criticality safety margin is readily apparent. However, more complex systems may use the calculated value of neutron multiplication to assess the criticality safety of the system under investigation. A problem arises because there is no exact consistency between k-effective and the physical margin of subcriticality, in terms of parameters such as mass. In the UK, commonly accepted safety criteria are applied to limit the k-effective of the system being assessed. These margins of subcriticality have no definitive justification to support the values chosen and might be considered rather arbitrary in nature. This paper aims to answer this question of suitability by investigating the relation between k-effective and the physical critical parameters for a wide range of systems. It concludes that the safety criteria currently applied in the UK are valid, but some difference exists between safety factors applied to the mass of fissile material present and the corresponding value of k-effective. (author)

  11. Experience with performance based training of nuclear criticality safety engineers

    International Nuclear Information System (INIS)

    Taylor, R.G.

    1993-01-01

    Historically, new entrants to the practice of nuclear criticality safety have learned their job primarily by on-the-job training (OJT) often by association with an experienced nuclear criticality safety engineer who probably also learned their job by OJT. Typically, the new entrant learned what he/she needed to know to solve a particular problem and accumulated experience as more problems were solved. It is likely that more formalism will be required in the future. Current US Department of Energy requirements for those positions which have to demonstrate qualification indicate that it should be achieved by using a systematic approach such as performance based training (PBT). Assuming that PBT would be an acceptable mechanism for nuclear criticality safety engineer training in a more formal environment, a site-specific analysis of the nuclear criticality safety engineer job was performed. Based on this analysis, classes are being developed and delivered to a target audience of newer nuclear criticality safety engineers. Because current interest is in developing training for selected aspects of the nuclear criticality safety engineer job, the analysis is incompletely developed in some areas. Details of this analysis are provided in this report

  12. CRITICALITY SAFETY LIMIT EVALUATION PROGRAM (CSLEP's) AND QUICK SCREENS: ANSWERS TO EXPEDITED PROCESSING LEGACY CRITICALITY SAFETY LIMITS AND EVALUATIONS

    International Nuclear Information System (INIS)

    TOFFER, H.

    2006-01-01

    Since the end of the cold war, the need for operating weapons production facilities has faded. Criticality Safety Limits and controls supporting production modes in these facilities became outdated and furthermore lacked the procedure based rigor dictated by present day requirements. In the past, in many instances, the formalism of present day criticality safety evaluations was not applied. Some of the safety evaluations amounted to a paragraph in a notebook with no safety basis and questionable arguments with respect to double contingency criteria. When material stabilization, clean out, and deactivation activities commenced, large numbers of these older criticality safety evaluations were uncovered with limits and controls backed up by tenuous arguments. A dilemma developed: on the one hand, cleanup activities were placed on very aggressive schedules; on the other hand, a highly structured approach to limits development was required and applied to the cleanup operations. Some creative approaches were needed to cope with the limits development process

  13. Proceedings of the Nuclear Criticality Technology and Safety Project Workshop

    International Nuclear Information System (INIS)

    Sanchez, R.G.

    1994-01-01

    This report is the proceedings of the annual Nuclear Criticality Technology and Safety Project (NCTSP) Workshop held in Monterey, California, on April 16--28, 1993. The NCTSP was sponsored by the Department of Energy and organized by the Los Alamos Critical Experiments Facility. The report is divided into six sections reflecting the sessions outlined on the workshop agenda

  14. Proceedings of the Nuclear Criticality Technology and Safety Project Workshop

    Energy Technology Data Exchange (ETDEWEB)

    Sanchez, R.G. [comp.]

    1994-01-01

    This report is the proceedings of the annual Nuclear Criticality Technology and Safety Project (NCTSP) Workshop held in Monterey, California, on April 16--28, 1993. The NCTSP was sponsored by the Department of Energy and organized by the Los Alamos Critical Experiments Facility. The report is divided into six sections reflecting the sessions outlined on the workshop agenda.

  15. An Approach to Modeling Software Safety in Safety-Critical Systems

    OpenAIRE

    Ben S. Medikonda; Seetha R. Panchumarthy

    2009-01-01

    Software for safety-critical systems has to deal with the hazards identified by safety analysis in order to make the system safe, risk-free and fail-safe. Software safety is a composite of many factors. Problem statement: Existing software quality models like McCalls and Boehms and ISO 9126 were inadequate in addressing the software safety issues of real time safety-critical embedded systems. At present there does not exist any standard framework that comprehensively addresses the Factors, Cr...

  16. Research on neutron source multiplication method in nuclear critical safety

    International Nuclear Information System (INIS)

    Zhu Qingfu; Shi Yongqian; Hu Dingsheng

    2005-01-01

    The paper concerns research on the neutron source multiplication method in nuclear critical safety. Based on the neutron diffusion equation with an external neutron source, the effective sub-critical multiplication factor k_s is deduced, and k_s differs from the effective neutron multiplication factor k_eff in the case of a sub-critical system with an external neutron source. The verification experiment on the sub-critical system indicates that the parameter measured with the neutron source multiplication method is k_s, and k_s is related to the external neutron source position in the sub-critical system and the external neutron source spectrum. The relation between k_s and k_eff and their effect on nuclear critical safety is discussed. (author)

  17. Overview of the Activities of the OECD/NEA/NSC Working Party on Nuclear Criticality Safety

    Energy Technology Data Exchange (ETDEWEB)

    Rugama, Y. [OECD Nuclear Energy Agency, 12, Bd des Iles, 92130 Issy-les-Moulineaux (France); Blomquist, R. [Argonne National Laboratory, 9700 S. Cass Ave., Argonne, IL 60439 (United States); Brady Raap, M. [PNNL, 902 Battelle Blvd, P.O. Box 999, MSIN: K8-34, Richland, Washington 99352 (United States); Briggs, B. [INL, P.O. Box 1625, MS-3860 2525 North Fremont, Idaho Falls, ID 83415-3860 (United States); Gulliford, J. [NEXIA SOLUTIONS B168 Curie Av. Harwell Business Centre Didcot Oxfordshire OX110QT (United Kingdom); Miyoshi, Y.; Suyama, K. [JAEA 2-4 Shirakata-Shirane, Tokai-mura, Naka-gun, Ibaraki-ken, 319-1195 (Japan); Ivanova, T. [IRSN, BP17 - 92262 Fontenay-Aux-Roses Cedex (France)]

    2008-07-01

    Over the years, substantial progress has been made in developing nuclear data and computer codes to evaluate criticality safety for nuclear fuel handling. This state-of-the-art knowledge also has an economic impact. Increased understanding of uncertainties in safety margins allows rational and more economical designs for manipulation, storage and transportation of fissile materials. In the mid-nineties, several activities related to criticality-safety were grouped together into the Working Party on Nuclear Criticality Safety. Six expert groups co-ordinate various activities that run the gamut from experimental evaluations to code and data intercomparisons, for the study of static and transient criticality behaviors. The various reports produced by the expert groups attempt to establish practical rules and identify applicable tools when appropriate. (authors)

  18. Design Information from the PSA for Digital Safety-Critical Systems

    International Nuclear Information System (INIS)

    Kang, Hyun Gook; Jang, Seung Cheol

    2005-01-01

    Many safety-critical applications such as nuclear field application usually adopt a similar design strategy for digital safety-critical systems. Their differences from the normal design for the non-safety-critical applications could be summarized as: multiple-redundancy, highly reliable components, strengthened monitoring mechanism, verified software, and automated test procedure. These items are focusing on maintaining the capability to perform the given safety function when it is requested. For the past several decades, probabilistic safety assessment (PSA) techniques are used in the nuclear industry to assess the relative effects of contributing events on plant risk and system reliability. They provide a unifying means of assessing physical faults, recovery processes, contributing effects, human actions, and other events that have a high degree of uncertainty. The applications of PSA provide not only the analysis results of already installed system but also the useful information for the system under design. The information could be derived from the PSA experience of the various safety-critical systems. Thanks to the design flexibility, the digital system is one of the most suitable candidates for risk-informed design (RID). In this article, we will describe the feedbacks for system design and try to develop a procedure for RID. Even though the procedure is not sophisticated enough now, it could be the start point of the further investigation for developing more complete and practical methodology

  19. The International Criticality Safety Benchmark Evaluation Project (ICSBEP)

    International Nuclear Information System (INIS)

    Briggs, J.B.

    2003-01-01

    The International Criticality Safety Benchmark Evaluation Project (ICSBEP) was initiated in 1992 by the United States Department of Energy. The ICSBEP became an official activity of the Organisation for Economic Cooperation and Development (OECD) - Nuclear Energy Agency (NEA) in 1995. Representatives from the United States, United Kingdom, France, Japan, the Russian Federation, Hungary, Republic of Korea, Slovenia, Yugoslavia, Kazakhstan, Israel, Spain, and Brazil are now participating. The purpose of the ICSBEP is to identify, evaluate, verify, and formally document a comprehensive and internationally peer-reviewed set of criticality safety benchmark data. The work of the ICSBEP is published as an OECD handbook entitled 'International Handbook of Evaluated Criticality Safety Benchmark Experiments.' The 2003 Edition of the Handbook contains benchmark model specifications for 3070 critical or subcritical configurations that are intended for validating computer codes that calculate effective neutron multiplication and for testing basic nuclear data. (author)

  20. Nuclear Data Activities in Support of the DOE Nuclear Criticality Safety Program

    International Nuclear Information System (INIS)

    Westfall, R.M.; McKnight, R.D.

    2005-01-01

    The DOE Nuclear Criticality Safety Program (NCSP) provides the technical infrastructure maintenance for those technologies applied in the evaluation and performance of safe fissionable-material operations in the DOE complex. These technologies include an Analytical Methods element for neutron transport as well as the development of sensitivity/uncertainty methods, the performance of Critical Experiments, evaluation and qualification of experiments as Benchmarks, and a comprehensive Nuclear Data program coordinated by the NCSP Nuclear Data Advisory Group (NDAG). The NDAG gathers and evaluates differential and integral nuclear data, identifies deficiencies, and recommends priorities on meeting DOE criticality safety needs to the NCSP Criticality Safety Support Group (CSSG). Then the NDAG identifies the required resources and unique capabilities for meeting these needs, not only for performing measurements but also for data evaluation with nuclear model codes as well as for data processing for criticality safety applications. The NDAG coordinates effort with the leadership of the National Nuclear Data Center, the Cross Section Evaluation Working Group (CSEWG), and the Working Party on International Evaluation Cooperation (WPEC) of the OECD/NEA Nuclear Science Committee. The overall objective is to expedite the issuance of new data and methods to the DOE criticality safety user. This paper describes these activities in detail, with examples based upon special studies being performed in support of criticality safety for a variety of DOE operations

  1. Nuclear Data Activities in Support of the DOE Nuclear Criticality Safety Program

    Science.gov (United States)

    Westfall, R. M.; McKnight, R. D.

    2005-05-01

    The DOE Nuclear Criticality Safety Program (NCSP) provides the technical infrastructure maintenance for those technologies applied in the evaluation and performance of safe fissionable-material operations in the DOE complex. These technologies include an Analytical Methods element for neutron transport as well as the development of sensitivity/uncertainty methods, the performance of Critical Experiments, evaluation and qualification of experiments as Benchmarks, and a comprehensive Nuclear Data program coordinated by the NCSP Nuclear Data Advisory Group (NDAG). The NDAG gathers and evaluates differential and integral nuclear data, identifies deficiencies, and recommends priorities on meeting DOE criticality safety needs to the NCSP Criticality Safety Support Group (CSSG). Then the NDAG identifies the required resources and unique capabilities for meeting these needs, not only for performing measurements but also for data evaluation with nuclear model codes as well as for data processing for criticality safety applications. The NDAG coordinates effort with the leadership of the National Nuclear Data Center, the Cross Section Evaluation Working Group (CSEWG), and the Working Party on International Evaluation Cooperation (WPEC) of the OECD/NEA Nuclear Science Committee. The overall objective is to expedite the issuance of new data and methods to the DOE criticality safety user. This paper describes these activities in detail, with examples based upon special studies being performed in support of criticality safety for a variety of DOE operations.

  2. Criticality Safety Basics for INL FMHs and CSOs

    Energy Technology Data Exchange (ETDEWEB)

    V. L. Putman

    2012-04-01

    Nuclear power is a valuable and efficient energy alternative in our energy-intensive society. However, material that can generate nuclear power has properties that require this material be handled with caution. If improperly handled, a criticality accident could result, which could severely harm workers. This document is a modular self-study guide about Criticality Safety Principles. This guide's purpose is to help you work safely in areas where fissionable nuclear materials may be present, avoiding the severe radiological and programmatic impacts of a criticality accident. It is designed to stress the fundamental physical concepts behind criticality controls and the importance of criticality safety when handling fissionable materials outside nuclear reactors. This study guide was developed for fissionable-material-handler and criticality-safety-officer candidates to use with related web-based course 00INL189, BEA Criticality Safety Principles, and to help prepare for the course exams. These individuals must understand basic information presented here. This guide may also be useful to other Idaho National Laboratory personnel who must know criticality safety basics to perform their assignments safely or to design critically safe equipment or operations. This guide also includes additional information that will not be included in 00INL189 tests. The additional information is in appendices and paragraphs with headings that begin with 'Did you know,' or with, 'Been there Done that'. Fissionable-material-handler and criticality-safety-officer candidates may review additional information at their own discretion. This guide is revised as needed to reflect program changes, user requests, and better information. Issued in 2006, Revision 0 established the basic text and integrated various programs from former contractors. Revision 1 incorporates operation and program changes implemented since 2006. It also incorporates suggestions, clarifications

  3. Criticality Safety Basics for INL FMHs and CSOs

    International Nuclear Information System (INIS)

    Putman, V.L.

    2012-01-01

    Nuclear power is a valuable and efficient energy alternative in our energy-intensive society. However, material that can generate nuclear power has properties that require this material be handled with caution. If improperly handled, a criticality accident could result, which could severely harm workers. This document is a modular self-study guide about Criticality Safety Principles. This guide's purpose is to help you work safely in areas where fissionable nuclear materials may be present, avoiding the severe radiological and programmatic impacts of a criticality accident. It is designed to stress the fundamental physical concepts behind criticality controls and the importance of criticality safety when handling fissionable materials outside nuclear reactors. This study guide was developed for fissionable-material-handler and criticality-safety-officer candidates to use with related web-based course 00INL189, BEA Criticality Safety Principles, and to help prepare for the course exams. These individuals must understand basic information presented here. This guide may also be useful to other Idaho National Laboratory personnel who must know criticality safety basics to perform their assignments safely or to design critically safe equipment or operations. This guide also includes additional information that will not be included in 00INL189 tests. The additional information is in appendices and paragraphs with headings that begin with 'Did you know,' or with, 'Been there Done that'. Fissionable-material-handler and criticality-safety-officer candidates may review additional information at their own discretion. This guide is revised as needed to reflect program changes, user requests, and better information. Issued in 2006, Revision 0 established the basic text and integrated various programs from former contractors. Revision 1 incorporates operation and program changes implemented since 2006. It also incorporates suggestions, clarifications, and additional information

  4. Product Engineering Class in the Software Safety Risk Taxonomy for Building Safety-Critical Systems

    Science.gov (United States)

    Hill, Janice; Victor, Daniel

    2008-01-01

    When software safety requirements are imposed on legacy safety-critical systems, retrospective safety cases need to be formulated as part of recertifying the systems for further use and risks must be documented and managed to give confidence for reusing the systems. The SEJ Software Development Risk Taxonomy [4] focuses on general software development issues. It does not, however, cover all the safety risks. The Software Safety Risk Taxonomy [8] was developed which provides a construct for eliciting and categorizing software safety risks in a straightforward manner. In this paper, we present extended work on the taxonomy for safety that incorporates the additional issues inherent in the development and maintenance of safety-critical systems with software. An instrument called a Software Safety Risk Taxonomy Based Questionnaire (TBQ) is generated containing questions addressing each safety attribute in the Software Safety Risk Taxonomy. Software safety risks are surfaced using the new TBQ and then analyzed. In this paper we give the definitions for the specialized Product Engineering Class within the Software Safety Risk Taxonomy. At the end of the paper, we present the tool known as the 'Legacy Systems Risk Database Tool' that is used to collect and analyze the data required to show traceability to a particular safety standard

  5. Test process for the safety-critical embedded software

    International Nuclear Information System (INIS)

    Sung, Ahyoung; Choi, Byoungju; Lee, Jangsoo

    2004-01-01

    Digitalization of nuclear Instrumentation and Control (I and C) system requires high reliability of not only hardware but also software. Verification and Validation (V and V) process is recommended for software reliability. But a more quantitative method is necessary such as software testing. Most of software in the nuclear I and C system is safety-critical embedded software. Safety-critical embedded software is specified, verified and developed according to V and V process. Hence two types of software testing techniques are necessary for the developed code. First, code-based software testing is required to examine the developed code. Second, after code-based software testing, software testing affected by hardware is required to reveal the interaction fault that may cause unexpected results. We call the testing of hardware's influence on software, an interaction testing. In case of safety-critical embedded software, it is also important to consider the interaction between hardware and software. Even if no faults are detected when testing either hardware or software alone, combining these components may lead to unexpected results due to the interaction. In this paper, we propose a software test process that embraces test levels, test techniques, required test tasks and documents for safety-critical embedded software. We apply the proposed test process to safety-critical embedded software as a case study, and show the effectiveness of it. (author)

  6. Analyzing Software Requirements Errors in Safety-Critical, Embedded Systems

    Science.gov (United States)

    Lutz, Robyn R.

    1993-01-01

    This paper analyzes the root causes of safety-related software errors in safety-critical, embedded systems. The results show that software errors identified as potentially hazardous to the system tend to be produced by different error mechanisms than non-safety-related software errors. Safety-related software errors are shown to arise most commonly from (1) discrepancies between the documented requirements specifications and the requirements needed for correct functioning of the system and (2) misunderstandings of the software's interface with the rest of the system. The paper uses these results to identify methods by which requirements errors can be prevented. The goal is to reduce safety-related software errors and to enhance the safety of complex, embedded systems.

  7. Safety impacts of bicycle infrastructure: A critical review.

    Science.gov (United States)

    DiGioia, Jonathan; Watkins, Kari Edison; Xu, Yanzhi; Rodgers, Michael; Guensler, Randall

    2017-06-01

    This paper takes a critical look at the present state of bicycle infrastructure treatment safety research, highlighting data needs. Safety literature relating to 22 bicycle treatments is examined, including findings, study methodologies, and data sources used in the studies. Some preliminary conclusions related to research efficacy are drawn from the available data and findings in the research. While the current body of bicycle safety literature points toward some defensible conclusions regarding the safety and effectiveness of certain bicycle treatments, such as bike lanes and removal of on-street parking, the vast majority of treatments are still in need of rigorous research. Fundamental questions arise regarding appropriate exposure measures, crash measures, and crash data sources. This research will aid transportation departments with regard to decisions about bicycle infrastructure and guide future research efforts toward understanding safety impacts of bicycle infrastructure. Copyright © 2017 Elsevier Ltd and National Safety Council. All rights reserved.

  8. The Health and Safety Executive's regulatory framework for control of nuclear criticality safety

    International Nuclear Information System (INIS)

    Smith, K.; Simister, D.N.

    1991-01-01

    In the United Kingdom the Health and Safety at Work Act, 1974 is the main legal instrument under which risks to people from work activities are controlled. Certain sections of the Nuclear Installations Act, 1965 which deal with the licensing of nuclear sites and the regulatory control of risks arising from them, including the risk from accidental criticality, are relevant statutory provisions of the Health and Safety at Work Act. The responsibility for safety rests with the operator who has to make and implement arrangements to prevent accidental criticality. The adequacy of these arrangements must be demonstrated in a safety case to the regulatory authorities. Operators are encouraged to treat each plant on its own merits and develop the safety case accordingly. The Nuclear Installations Inspectorate (NII), for its part, assesses the adequacy of the operator's safety case against the industry's own standards and criteria, but more particularly against the NII's safety assessment principles and guides, and international standards. Risks should be made as low as reasonably practicable. Generally, the NII seeks improvements in safety using an enforcement policy which operates at a number of levels, ranging from persuasion through discussion to the ultimate deterrent of withdrawal of a site licence. This paper describes the role of the NII, which includes a specialist criticality expertise, within the Health and Safety Executive, in regulating the nuclear sites from the criticality safety viewpoint. (Author)

  9. Criticality Safety Code Validation with LWBR’s SB Cores

    Energy Technology Data Exchange (ETDEWEB)

    Putman, Valerie Lee

    2003-01-01

    The first set of critical experiments from the Shippingport Light Water Breeder Reactor Program included eight, simple geometry critical cores built with 233UO2-ZrO2, 235UO2-ZrO2, ThO2, and ThO2-233UO2 nuclear materials. These cores are evaluated, described, and modeled to provide benchmarks and validation information for INEEL criticality safety calculation methodology. In addition to consistency with INEEL methodology, benchmark development and nuclear data are consistent with International Criticality Safety Benchmark Evaluation Project methodology. Section 1 of this report introduces the experiments and the reason they are useful for validating some INEEL criticality safety calculations. Section 2 provides detailed experiment descriptions based on currently available experiment reports. Section 3 identifies criticality safety validation requirement sources and summarizes requirements that most affect this report. Section 4 identifies relevant hand calculation and computer code calculation methodologies used in the experiment evaluation, benchmark development, and validation calculations. Section 5 provides a detailed experiment evaluation. This section identifies resolutions for currently unavailable and discrepant information. Section 5 also reports calculated experiment uncertainty effects. Section 6 describes the developed benchmarks. Section 6 includes calculated sensitivities to various benchmark features and parameters. Section 7 summarizes validation results. Appendices describe various assumptions and their bases, list experimenter calculations results for items that were independently calculated for this validation work, report other information gathered and developed by SCIENTEC personnel while evaluating these same experiments, and list benchmark sample input and miscellaneous supplementary data.

  10. Impact of e-safety applications on cyclists' safety.

    Science.gov (United States)

    Tripodi, Antonino; Persia, Luca

    2015-01-01

    In years to come, urban areas face the challenge of making transport sustainable in terms of environment and competitiveness. Cycling is a perfect transport means in urban areas. Cyclists have a high casualty rate and should be given special attention in road safety policy. Actions to promote cycling in cities should go together with improving road safety. ICT can be used to develop intelligent applications assisting cyclists to avoid, prevent or mitigate accidents. This paper presents the results of activities focused on the assessment of impacts of ICT on the safety of cyclists, realised in the framework of the EU project SAFECYCLE (www.safecycle.eu). E-safety applications were identified that can enhance the safety of cyclists in Europe. Eleven applications were analysed in terms of benefits and costs. The results highlighted important differences between European countries in terms of awareness about cycling, knowledge about ICT applications and also impacts of these applications.

  11. The International Criticality Safety Benchmark Evaluation Project on the Internet

    International Nuclear Information System (INIS)

    Briggs, J.B.; Brennan, S.A.; Scott, L.

    2000-01-01

    The International Criticality Safety Benchmark Evaluation Project (ICSBEP) was initiated in October 1992 by the US Department of Energy's (DOE's) defense programs and is documented in the Transactions of numerous American Nuclear Society and International Criticality Safety Conferences. The work of the ICSBEP is documented as an Organization for Economic Cooperation and Development (OECD) handbook, International Handbook of Evaluated Criticality Safety Benchmark Experiments. The ICSBEP Internet site was established in 1996 and its address is http://icsbep.inel.gov/icsbep. A copy of the ICSBEP home page is shown in Fig. 1. The ICSBEP Internet site contains the five primary links. Internal sublinks to other relevant sites are also provided within the ICSBEP Internet site. A brief description of each of the five primary ICSBEP Internet site links is given

  12. Sensitivity-Uncertainty Based Nuclear Criticality Safety Validation

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Forrest B. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Univ. of New Mexico, Albuquerque, NM (United States). Nuclear Engineering Dept.

    2016-09-20

    These are slides from a seminar given to the University of Mexico Nuclear Engineering Department. Whisper is a statistical analysis package developed to support nuclear criticality safety validation. It uses the sensitivity profile data for an application as computed by MCNP6 along with covariance files for the nuclear data to determine a baseline upper-subcritical-limit for the application. Whisper and its associated benchmark files are developed and maintained as part of MCNP6, and will be distributed with all future releases of MCNP6. Although sensitivity-uncertainty methods for NCS validation have been under development for 20 years, continuous-energy Monte Carlo codes such as MCNP could not determine the required adjoint-weighted tallies for sensitivity profiles. The recent introduction of the iterated fission probability method into MCNP led to the rapid development of sensitivity analysis capabilities for MCNP6 and the development of Whisper. Sensitivity-uncertainty based methods represent the future for NCS validation – making full use of today’s computer power to codify past approaches based largely on expert judgment. Validation results are defensible, auditable, and repeatable as needed with different assumptions and process models. The new methods can supplement, support, and extend traditional validation approaches.

  13. Critical safety function guidelines for experimental fusion facilities

    International Nuclear Information System (INIS)

    Cadwallader, L.C.

    1989-01-01

    As fusion experiments proceed toward deuterium-tritium operation, more attention is being given to public safety. This paper presents the four classes of functions that fusion experiments must provide to assure safe, stable shutdown and retention of radionuclides. These functions are referred to as critical safety functions (CSFs). Selecting CSFs is an important step in probabilistic risk assessment (PRA). An example of CSF selection and usage for the Compact Ignition Tokamak (CIT) is also presented. 10 refs., 6 figs

  14. Criticality safety implementation, operations, and training for TMI-2 defueling

    International Nuclear Information System (INIS)

    Knief, R.A.; Fergus, I.E.

    1986-01-01

    The nuclear criticality safety of the accident-damaged Three Mile Island Unit 2 (TMI-2) reactor has depended primarily on the use of soluble neutron poison. Detailed calculations have been performed to establish the boric acid concentrations needed for subcriticality of postulated core configurations related to recovery and defueling activities. Based on the minimum acceptable boron concentration, operating requirements were developed, safety reviews conducted, strategies and procedures implemented, and training conducted

  15. Criticality safety for TMI-2 canister storage at INEL

    International Nuclear Information System (INIS)

    Jones, R.R.; Briggs, J.B.; Ayers, A.L. Jr.

    1986-01-01

    Canisters containing Three Mile Island Unit 2 (TMI-2) core debris will be researched, stored, and prepared for final disposition at the Idaho National Engineering Laboratory (INEL). The canisters will be placed into storage modules and assembled into a storage rack, which will be located in the Test Area North (TAN) storage pool. Criticality safety calculations were made (a) to ensure that the storage rack is safe for both normal and accident conditions and (b) to determine the effects of degradation of construction materials (Boraflex and polyethylene) on criticality safety

  16. Safety critical systems handbook a straightforward guide to functional safety : IEC 61508 (2010 edition) and related standards

    CERN Document Server

    Smith, David J

    2010-01-01

    Electrical, electronic and programmable electronic systems increasingly carry out safety functions to guard workers and the public against injury or death and the environment against pollution. The international functional safety standard IEC 61508 was revised in 2010, and this is the first comprehensive guide available to the revised standard. As functional safety is applicable to many industries, this book will have a wide readership beyond the chemical and process sector, including oil and gas, power generation, nuclear, aircraft, and automotive industries, plus project, instrumentation, design, and control engineers.
    * The only comprehensive guide to IEC 61508, updated to cover the 2010 amendments, that will ensure engineers are compliant with the latest process safety systems design and operation standards
    * Helps readers understand the process required to apply safety critical systems standards
    * Real-world approach helps users to interpret the standard, with case studies and best practice design examples...

  17. Critical Ethnography, Cultural Safety, and International Nursing Research

    OpenAIRE

    Jean N. Harrowing PhD; Judy Mill PhD; Jude Spiers PhD; Judith Kulig PhD; Walter Kipp PhD

    2010-01-01

    Critical qualitative methodology provides a strategy to examine the human experience and its relationship to power and truth. Cultural safety is a concept that has been applied to nursing education and practice and refers to interactions that acknowledge and respect the unique cultural background of patients. It recognizes power inequities between caregivers who belong to dominant cultures and patients who may belong to oppressed groups. Culture is interpreted from a critical constructivist p...

  18. Merger of Nuclear Data with Criticality Safety Calculations

    Energy Technology Data Exchange (ETDEWEB)

    Derrien, H.; Larson, N.M.; Leal, L.C.

    1999-09-20

    In this paper we report on current activities related to the merger of differential/integral data (especially in the resolved-resonance region) with nuclear criticality safety computations. Techniques are outlined for closer coupling of many processes (measurement, data reduction, differential-data analysis, integral-data analysis, generating multigroup cross sections, data-testing, criticality computations) which in the past have been treated independently.

  19. Merger of Nuclear Data with Criticality Safety Calculations

    International Nuclear Information System (INIS)

    Derrien, H.; Larson, N.M.; Leal, L.C.

    1999-01-01

    In this paper we report on current activities related to the merger of differential/integral data (especially in the resolved-resonance region) with nuclear criticality safety computations. Techniques are outlined for closer coupling of many processes (measurement, data reduction, differential-data analysis, integral-data analysis, generating multigroup cross sections, data-testing, criticality computations) which in the past have been treated independently

  20. Safety analysis of the Los Alamos critical experiments facility

    International Nuclear Information System (INIS)

    Paxton, H.C.

    1975-10-01

    The safety of Pajarito Site critical assembly operations depends upon protection built into the facility, upon knowledgeable personnel, and upon good practice as defined by operating procedures and experimental plans. Distance, supplemented by shielding in some cases, would protect personnel against an extreme accident generating 10^19 fissions. During the facility's 28-year history, the direct cost of criticality accidents has translated to a risk of less than $200 per year

  1. CRISTAL: a french criticality code package to assess nuclear installation criticality safety

    International Nuclear Information System (INIS)

    Michel, E Doucet; Comte, N.; Jean Michel Gomit; Eric Letang; Christine Magnaud; Christophe Venard; Herve Toubon; Cogema

    2005-01-01

    For more than thirty years, CEA, IRSN and the French nuclear industry have been combining their efforts to finance, develop and validate computer codes to assess the criticality safety concerns of nuclear installations, transport casks, and reprocessing facilities. As one of the major world fuel vendors, Framatome ANP is deeply involved in defining code developments which incorporate feedback from both users and customers. The result of these continuous efforts is the evolutionary CRISTAL code. The CRISTAL package was developed as an easy-to-use system using cross-section libraries (JEF 2.2 and CEA93), well-established computer codes (APOLLO2, MORET 4 and TRIPOLI-4) and including a Graphical User-Friendly Interface. The APOLLO2 computer code, a spectral code used for evaluating the basic characteristics of fuel assemblies, has been upgraded to perform criticality safety calculations. The MORET 4 computer code is a neutron simulation code in three dimensions which uses the multigroup formalism for cross-sections and the Monte Carlo method to solve the Boltzmann equation. Through the years, the CRISTAL package has been improved to take into account both the growth of its validation database and the increasing user requirements. Today, CRISTAL V0 is an up-to-date computational tool incorporating the comprehensive APOLLO2 and MORET 4 computer codes; CRISTAL V0 is the result of more than five years of development work focusing on theoretical approaches and on the implementation of user-friendly graphical interfaces. Thanks to its broad validation database, CRISTAL V0 provides outstanding accuracy of criticality evaluation for configurations covering the entire fuel cycle life (i.e. from fuel enrichment, pellet/assembly fabrication and transport casks to fuel reprocessing). 
    With more than a thousand benchmark/calculation comparisons, uncertainties can be deduced for various file media, fissile shapes, fissile process interactions, neutron-poisoning screens and material

  2. Reactor critical benchmark calculations for burnup credit applications

    International Nuclear Information System (INIS)

    Renier, J.P.; Parks, C.V.

    1990-01-01

    In the criticality safety analyses for the development and certification of spent fuel casks, the current approach requires the assumption of "fresh fuel" isotopics. It has been shown that the removal of the "fresh fuel" assumption and the use of spent fuel isotopics ("burnup credit") greatly increases the payload of spent fuel casks by reducing the reactivity of the fuel. Regulatory approval of burnup credit and the requirements of ANSI/ANS 8.1 specify that calculational methods for away-from-reactor criticality safety analyses be validated against experimental measurements. Criticality analyses for low-enriched lattices of fuel pins using the "fresh fuel isotopics" assumption have been widely benchmarked against applicable critical experiments. However, the same computational methods have not been benchmarked against criticals containing spent fuel because of the non-existence of spent fuel critical experiments. Commercial reactors offer an excellent and inexhaustible source of critical configurations against which criticality analyses can be benchmarked for spent fuel configurations. This document provides brief descriptions of the benchmarks and the computational methods for the criticality analyses. 8 refs., 1 fig., 1 tab

  3. Nuclear criticality safety training: guidelines for DOE contractors

    International Nuclear Information System (INIS)

    Crowell, M.R.

    1983-09-01

    The DOE Order 5480.1A, Chapter V, Safety of Nuclear Facilities, establishes safety procedures and requirements for DOE nuclear facilities. This guide has been developed as an aid to implementing the Chapter V requirements pertaining to nuclear criticality safety training. The guide outlines relevant conceptual knowledge and demonstrated good practices in job performance. It addresses training program operations requirements in the areas of employee evaluations, employee training records, training program evaluations, and training program records. It also suggests appropriate feedback mechanisms for criticality safety training program improvement. The emphasis is on academic rather than hands-on training. This allows a decoupling of these guidelines from specific facilities. It would be unrealistic to dictate a universal program of training because of the wide variation of operations, levels of experience, and work environments among DOE contractors and facilities. Hence, these guidelines do not address the actual implementation of a nuclear criticality safety training program, but rather they outline the general characteristics that should be included

  4. Chip-Multiprocessor Hardware Locks for Safety-Critical Java

    DEFF Research Database (Denmark)

    Strøm, Torur Biskopstø; Puffitsch, Wolfgang; Schoeberl, Martin

    2013-01-01

    and may void a task set's schedulability. In this paper we present a hardware locking mechanism to reduce the synchronization overhead. The solution is implemented for the chip-multiprocessor version of the Java Optimized Processor in the context of safety-critical Java. The implementation is compared...

  5. Criticality safety enhancements for SCALE 6.2 and beyond

    International Nuclear Information System (INIS)

    Rearden, Bradley T.; Bekar, Kursat B.; Celik, Cihangir; Clarno, Kevin T.; Dunn, Michael E.; Hart, Shane W.; Ibrahim, Ahmad M.; Johnson, Seth R.; Langley, Brandon R.; Lefebvre, Jordan P.; Lefebvre, Robert A.; Marshall, William J.; Mertyurek, Ugur; Mueller, Don; Peplow, Douglas E.; Perfetti, Christopher M.; Petrie Jr, Lester M.; Thompson, Adam B.; Wiarda, Dorothea; Wieselquist, William A.; Williams, Mark L.

    2015-01-01

    SCALE is a widely used suite of tools for nuclear systems modeling and simulation that provides comprehensive, verified and validated, user-friendly capabilities for criticality safety, reactor physics, radiation shielding, and sensitivity and uncertainty analysis. Since 1980, regulators, industry, and research institutions around the world have relied on SCALE for nuclear safety analysis and design. SCALE 6.2 provides several new capabilities and significant improvements in many existing features for criticality safety analysis. Enhancements are realized for nuclear data; multigroup resonance self-shielding; continuous-energy Monte Carlo analysis for sensitivity/uncertainty analysis, radiation shielding, and depletion; and graphical user interfaces. An overview of these capabilities is provided in this paper, and additional details are provided in several companion papers.

  6. Criticality safety enhancements for SCALE 6.2 and beyond

    Energy Technology Data Exchange (ETDEWEB)

    Rearden, Bradley T. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Bekar, Kursat B. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Celik, Cihangir [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Clarno, Kevin T. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Dunn, Michael E. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Hart, Shane W. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Ibrahim, Ahmad M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Johnson, Seth R. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Langley, Brandon R. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Lefebvre, Jordan P. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Lefebvre, Robert A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Marshall, William J. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Mertyurek, Ugur [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Mueller, Don [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Peplow, Douglas E. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Perfetti, Christopher M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Petrie Jr, Lester M. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Thompson, Adam B. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Wiarda, Dorothea [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Wieselquist, William A. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Williams, Mark L. [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

    2015-09-01

    SCALE is a widely used suite of tools for nuclear systems modeling and simulation that provides comprehensive, verified and validated, user-friendly capabilities for criticality safety, reactor physics, radiation shielding, and sensitivity and uncertainty analysis. Since 1980, regulators, industry, and research institutions around the world have relied on SCALE for nuclear safety analysis and design. SCALE 6.2 provides several new capabilities and significant improvements in many existing features for criticality safety analysis. Enhancements are realized for nuclear data; multigroup resonance self-shielding; continuous-energy Monte Carlo analysis for sensitivity/uncertainty analysis, radiation shielding, and depletion; and graphical user interfaces. An overview of these capabilities is provided in this paper, and additional details are provided in several companion papers.

  7. Integration of Several Elements of the DOE Nuclear Criticality Safety Program

    International Nuclear Information System (INIS)

    Valentine, T.E.

    2001-01-01

    The U. S. Department of Energy established the Nuclear Criticality Safety Program (NCSP) to maintain the infrastructure and expertise in nuclear criticality safety to support line criticality safety programs at various DOE sites. The seven tasks of the NCSP include critical experiments, benchmarking, nuclear data, analytical methods, applicable ranges of bounding curves and data, information preservation and dissemination, and training and qualification. The goals of this program are to improve the knowledge, tools, data, guidance, and information available to the nuclear criticality safety community. In addition various elements of the NCSP are integrated together to provide the nuclear criticality safety community with the most precise nuclear data for criticality safety analyses. This paper describes how several elements of the NCSP were integrated together in the evaluation of the silicon nuclear data. Silicon is frequently encountered in decontamination and decommissioning efforts, process sludge and settling tanks, in situ vitrification, and waste remediation efforts (including waste storage, retrieval, characterization, volume reduction, and stabilization). Silicon was also identified as an important isotope for addressing concerns associated with the storage of spent nuclear fuels in a geologic repository. The inadequacy of the silicon nuclear data in the intermediate energy region mandated that additional neutron capture cross-section measurements had to be performed that encompassed the resolved resonance region. An evaluation was performed that included analysis of the most recent neutron capture and existing transmission cross-section measurements performed at the Oak Ridge Electron Linear Accelerator. Critical experiments were performed at the Institute of Physics and Power Engineering in Obninsk, Russia because of the lack of critical experiment data for analysis of storage of nuclear material in a geologic repository. 
    These critical experiments were

  8. Use of PCs and workstations for criticality safety analysis

    International Nuclear Information System (INIS)

    Watmough, M.H.; Evans, A.M.; Smith, N.R.

    1993-01-01

    Making effective use of the best available computer technology has long been a feature of U.K. criticality safety analyses. In recent years, the industry's drive for improvements in design safety assessment practice has been supplemented by increasing commercial awareness, bringing further emphasis to the consideration of cost-effectiveness in criticality computation. Consequently, there has been an evolution of computing facilities seen by U.K. criticality assessors from the mainframe terminals of the 1970s through minicomputers in the 1980s to graphical workstations and, most recently, personal computers (PCs) in the 1990s. These moves have been initiated by the availability of hardware capable of providing adequate performance and facilitated by cooperation and subsequently formal collaboration between British Nuclear Fuels Limited (BNFL) and the Atomic Energy Authority (AEA) in the field of software development

  9. Lecture Notes on Criticality Safety Validation Using MCNP & Whisper

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Forrest B. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Rising, Michael Evan [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Alwin, Jennifer Louise [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2016-03-11

    Training classes for nuclear criticality safety, MCNP documentation. The need for, and problems surrounding, validation of computer codes and data are considered first. Then some background for MCNP & Whisper is given--best practices for Monte Carlo criticality calculations, neutron spectra, S(α,β) thermal neutron scattering data, nuclear data sensitivities, covariance data, and correlation coefficients. Whisper is computational software designed to assist the nuclear criticality safety analyst with validation studies with the Monte Carlo radiation transport package MCNP. Whisper's methodology (benchmark selection – Ck's, weights; extreme value theory – bias, bias uncertainty; MOS for nuclear data uncertainty – GLLS) and usage are discussed.

  10. SRTC criticality safety technical review: Nuclear criticality safety evaluation 94-02, uranium solidification facility pencil tank module spacing

    International Nuclear Information System (INIS)

    Rathbun, R.

    1994-01-01

    Review of NMP-NCS-94-0087, "Nuclear Criticality Safety Evaluation 94-02: Uranium Solidification Facility Pencil Tank Module Spacing (U), April 18, 1994," was requested of the SRTC Applied Physics Group. The NCSE is a criticality assessment to show that the USF process module spacing, as given in Non-Conformance Report SHM-0045, remains safe for operation. The NCSE under review concludes that the module spacing as given in Non-Conformance Report SHM-0045 remains in a critically safe configuration for all normal and single credible abnormal conditions. After a thorough review of the NCSE, this reviewer agrees with that conclusion

  11. Implications of Monte Carlo Statistical Errors in Criticality Safety Assessments

    International Nuclear Information System (INIS)

    Pevey, Ronald E.

    2005-01-01

    Most criticality safety calculations are performed using Monte Carlo techniques because of Monte Carlo's ability to handle complex three-dimensional geometries. For Monte Carlo calculations, the more histories sampled, the lower the standard deviation of the resulting estimates. The common intuition is, therefore, that the more histories, the better; as a result, analysts tend to run Monte Carlo analyses as long as possible (or at least to a minimum acceptable uncertainty). For Monte Carlo criticality safety analyses, however, the optimization situation is complicated by the fact that procedures usually require that an extra margin of safety be added because of the statistical uncertainty of the Monte Carlo calculations. This additional safety margin affects the impact of the choice of the calculational standard deviation, both on production and on safety. This paper shows that, under the assumptions of normally distributed benchmarking calculational errors and exact compliance with the upper subcritical limit (USL), the standard deviation that optimizes production is zero, but there is a non-zero value of the calculational standard deviation that minimizes the risk of inadvertently labeling a supercritical configuration as subcritical. Furthermore, this value is shown to be a simple function of the typical benchmarking step outcomes--the bias, the standard deviation of the bias, the upper subcritical limit, and the number of standard deviations added to calculated k-effectives before comparison to the USL

  12. Diversity for security: case assessment for FPGA-based safety-critical systems

    Directory of Open Access Journals (Sweden)

    Kharchenko Vyacheslav

    2016-01-01

    Industrial safety critical instrumentation and control systems (I&Cs) are increasingly facing information (in general) and cyber (in particular) security threats and attacks. The application of programmable logic, first of all field programmable gate arrays (FPGA), in critical systems causes specific safety deficits. Security assessment techniques for such systems are based on heuristic knowledge and expert judgment. The main challenge is how to take into account features of FPGA technology for safety critical I&Cs, including systems in which a diversity approach is applied to minimize risks of common cause failure. Such systems are called multi-version (MV) systems. The goal of the paper is to describe the technique and tool for case-based security assessment of MV FPGA-based I&Cs.

  13. Agility in Development of Safety-Critical Software: A Conceptual Model

    DEFF Research Database (Denmark)

    Tordrup Heeager, Lise; Nielsen, Peter Axel

    2018-01-01

    that there are important research gaps that need to be investigated. We suggest that future research should have a primary focus on the relationships: 1) on the dynamics of the whole field, 2) on incremental versus iterative development and 3) on how to create value with minimal but sufficient effort. ... Safety-critical information systems are being used increasingly as we see applications in new areas such as personal medical devices, traffic control and detection of pathogens. A current research debate is whether safety-critical systems must be developed with traditional waterfall processes ... or agile processes which are faster and will lead to better products. In this paper we review the diverse research literature on agility in safety-critical software development. There are key propositions that we pull from the literature and combine into a framework for understanding the foundational...

  14. Risk Matrix-Based Method for Critical Infrastructure Safety Assessment Taking into Account Interdependencies

    Directory of Open Access Journals (Sweden)

    Brezhnev Eugene

    2016-01-01

    This paper is devoted to the development of a method for critical infrastructure (CI) safety assessment taking into account the different types of interdependencies: logical, physical, geographical, etc. There are many existing approaches for CI safety assessment, but only a limited number of them consider the interdependencies focused on safety. Only a few of them focus on interdependencies formalization. The suggested approach is based on the application of risk matrixes built for each CI system. Criticality of state is considered as the safety value. The risk matrixes are developed for each CI life stage. The initial risk matrix is developed during the CI design stage. All operational risk matrixes are built based on fuzzy logic and system field data.

  15. Criticality safety assessment of WWER-1000 spent fuel cask

    International Nuclear Information System (INIS)

    Apostolov, T.; Manolova, M.; Prodanova, R.

    2001-01-01

    A methodology that allows taking credit for burnup in the criticality safety analysis of WWER spent fuel casks is presented. It is based on two well-known and widely used code systems: NESSEL-NUKO for depletion and SCALE-4.4 for criticality calculations. The results of criticality calculations of a WWER-1000 spent fuel storage and transportation cask, applying burnup credit, are shown. The depletion calculations have been carried out for three types of WWER-1000 fuel assemblies (with enrichment of 3.0%, 3.3% and 3.3% profiled) by modelling the real operational history of the first three fuel cycles at unit 6, Kozloduy NPP. The criticality calculational model has been developed on the basis of a real fuel cask, designed by the Izorskie zavody. The results obtained show that the criticality safety criterion K_eff < 0.95 is satisfied for both fresh and spent fuel. Besides, the implementation of burnup credit accounts for the reduced reactivity of spent fuel and allows evaluating the conservatism of the fresh fuel assumption. (author)

  16. Application of SAE ARP4754A to Flight Critical Systems

    Science.gov (United States)

    Peterson, Eric M.

    2015-01-01

    This report documents applications of ARP4754A to the development of modern computer-based (i.e., digital electronics, software and network-based) aircraft systems. This study is to offer insight and provide educational value relative to the guidelines in ARP4754A and provide an assessment of the current state-of-the-practice within industry and regulatory bodies relative to development assurance for complex and safety-critical computer-based aircraft systems.

  17. Nuclear criticality safety program development using necessary and sufficient standards

    Energy Technology Data Exchange (ETDEWEB)

    Croucher, D.W.; Stachowiak, R.V. [Kaiser-Hill Co., LLC, Golden, CO (United States); Wilson, R.E. [Safe Sites of Colorado, Golden, CO (United States)

    1996-12-31

    The U.S. Department of Energy's (DOE's) Necessary and Sufficient Standards Closure Process has been used to develop a new criticality safety program manual for the Rocky Flats Environmental Technology Site (RFETS). Standards define and communicate the expectations for performance of work. The purpose of the necessary and sufficient standards closure process is to apply standards determined to be necessary and sufficient for protecting the workers, the public, and the environment. This ensures that the applied standards add value to the performance of the activity; work effectiveness is increased. The purpose of this paper is to briefly describe the process and the results for the selection of national criticality safety standards for use at the Rocky Flats facilities.

  18. Comparative analysis of operation and safety of subcritical nuclear systems and innovative critical reactors

    International Nuclear Information System (INIS)

    Bokov, P.M.

    2005-05-01

    The main goal of this thesis work is to investigate the role of core subcriticality for safety enhancement of advanced nuclear systems, in particular, molten salt reactors, devoted to both energy production and waste incineration/transmutation. The inherent safety is considered as ultimate goal of this safety improvement. An attempt to apply a systematic approach for the analysis of the subcriticality contribution to inherent properties of hybrid system was performed. The results of this research prove that in many cases the subcriticality may improve radically the safety characteristics of nuclear reactors, and in some configurations it helps to reach the 'absolute' intrinsic safety. In any case, a proper choice of subcriticality level makes all analyzed transients considerably slower and monotonic. It was shown that the weakest point of the independent-source systems with respect to the intrinsic safety is thermohydraulic unprotected transients, while in the case of the coupled-source systems the excess reactivity/current insertion events remain a matter of concern. To overcome these inherent drawbacks a new principle of realization of a coupled sub-critical system (DENNY concept) is proposed. In addition, the ways to remedy some particular safety-related problems with the help of the core sub-criticality are demonstrated. A preliminary safety analysis of the fast-spectrum molten salt reactor (REBUS concept) is also carried out in this thesis work. Finally, the potential of the alternative (to spallation) neutron sources for application in hybrid systems is examined. (author)

  19. Safety culture and subcontractor network governance in a complex safety critical project

    International Nuclear Information System (INIS)

    Oedewald, Pia; Gotcheva, Nadezhda

    2015-01-01

    In safety critical industries many activities are currently carried out by subcontractor networks. Nevertheless, there are few studies where the core dimensions of resilience would have been studied in safety critical network activities. This paper claims that engineering resilience into a system is largely about steering the development of culture of the system towards better ability to anticipate, monitor, respond and learn. Thus, safety culture literature has relevance in resilience engineering field. This paper analyzes practical and theoretical challenges in applying the concept of safety culture in a complex, dynamic network of subcontractors involved in the construction of a new nuclear power plant in Finland, Olkiluoto 3. The concept of safety culture is in focus since it is widely used in nuclear industry and bridges the scientific and practical interests. This paper approaches subcontractor networks as complex systems. However, the management model of the Olkiluoto 3 project is to a large degree a traditional top-down hierarchy, which creates a mismatch between the management approach and the characteristics of the system to be managed. New insights were drawn from network governance studies. - Highlights: • We studied a relevant topical subject safety culture in nuclear new build project. • We integrated safety science challenges and network governance studies. • We produced practicable insights in managing safety of subcontractor networks

  20. Criticality safety and shielding analysis of WWER-440 fuel configurations

    International Nuclear Information System (INIS)

    Christoskov, I.

    2008-01-01

    An overview is made of some studies performed on the criticality safety and radiation shielding analysis of irradiated WWER-440 fuel storage and handling configurations. The analytical tools are based on the SCALE 4.4a code system, in combination with the TORT discrete ordinates transport code and the BUGLE-96 cross-sections library. The accuracy of some important results is assessed through comparison with independent evaluations and with measurement data. (author)

  1. Multiprocessor Priority Ceiling Emulation for Safety-Critical Java

    DEFF Research Database (Denmark)

    Strøm, Torur Biskopstø; Schoeberl, Martin

    2015-01-01

    Priority ceiling emulation has preferable properties on uniprocessor systems, such as avoiding priority inversion and being deadlock free. This has made it a popular locking protocol. According to the safety-critical Java specification, priority ceiling emulation is a requirement for implementations. ... However, implementing the protocol for multiprocessor systems is more complex so implementations might perform worse than non-preemptive implementations. In this paper we compare two multiprocessor lock implementations with hardware support for the Java optimized processor: non-preemptive locking...

  2. Safety-Critical Software: Status Report and Annotated Bibliography

    Science.gov (United States)

    1993-06-01

    software in place of hardware in safety-critical systems are the Therac 25 (a therapeutic linear accelerator) and nuclear reactor shutdown systems...Leveson and Turner [141], is the Therac 25 radiation treatment machine. A predecessor to the Therac 25, the Therac 20, had a number of hardware Interlocks...to stop an undesirable behavior. Much of the software in the Therac 25 was similar to that of the Therac 20 and the software in both cases contained

  3. A Test Suite for Safety-Critical Java using JML

    DEFF Research Database (Denmark)

    Ravn, Anders P.; Søndergaard, Hans

    2013-01-01

    Development techniques are presented for a test suite for the draft specification of the Java profile for Safety-Critical Systems. Distinguishing features are: specification of conformance constraints in the Java Modeling Language, encoding of infrastructure concepts without implementation bias ..., and corresponding specifications of implicitly stated behavioral and real-time properties. The test programs are auto-generated from the specification, while concrete values for test parameters are selected manually. The suite is open source and publicly accessible. ...

  4. Plenary keynote: Monitoring Safety Critical Infrastructure with Mobile Robots

    OpenAIRE

    Sattar, TP

    2017-01-01

    Reliable Non Destructive Testing (NDT) is vital to the integrity and performance management of capital assets in safety critical industries such as aerospace, transportation, pipelines, petro-chemical processing, and power generation. The structures that are to be inspected are usually very large and located in remote and hazardous environments. The NDT system has to be deployed by first providing very expensive access, requiring the erection of scaffolding and lengthy preparation before ...

  5. Agile Methods for Open Source Safety-Critical Software.

    Science.gov (United States)

    Gary, Kevin; Enquobahrie, Andinet; Ibanez, Luis; Cheng, Patrick; Yaniv, Ziv; Cleary, Kevin; Kokoori, Shylaja; Muffih, Benjamin; Heidenreich, John

    2011-08-01

    The introduction of software technology in a life-dependent environment requires the development team to execute a process that ensures a high level of software reliability and correctness. Despite their popularity, agile methods are generally assumed to be inappropriate as a process family in these environments due to their lack of emphasis on documentation, traceability, and other formal techniques. Agile methods, notably Scrum, favor empirical process control, or small constant adjustments in a tight feedback loop. This paper challenges the assumption that agile methods are inappropriate for safety-critical software development. Agile methods are flexible enough to encourage the right amount of ceremony; therefore if safety-critical systems require greater emphasis on activities like formal specification and requirements management, then an agile process will include these as necessary activities. Furthermore, agile methods focus more on continuous process management and code-level quality than classic software engineering process models. We present our experiences on the image-guided surgical toolkit (IGSTK) project as a backdrop. IGSTK is an open source software project employing agile practices since 2004. We started with the assumption that a lighter process is better, focused on evolving code, and only adding process elements as the need arose. IGSTK has been adopted by teaching hospitals and research labs, and used for clinical trials. Agile methods have matured since the academic community suggested they are not suitable for safety-critical systems almost a decade ago, we present our experiences as a case study for renewing the discussion.

  6. Agile Methods for Open Source Safety-Critical Software

    Science.gov (United States)

    Enquobahrie, Andinet; Ibanez, Luis; Cheng, Patrick; Yaniv, Ziv; Cleary, Kevin; Kokoori, Shylaja; Muffih, Benjamin; Heidenreich, John

    2011-01-01

    The introduction of software technology in a life-dependent environment requires the development team to execute a process that ensures a high level of software reliability and correctness. Despite their popularity, agile methods are generally assumed to be inappropriate as a process family in these environments due to their lack of emphasis on documentation, traceability, and other formal techniques. Agile methods, notably Scrum, favor empirical process control, or small constant adjustments in a tight feedback loop. This paper challenges the assumption that agile methods are inappropriate for safety-critical software development. Agile methods are flexible enough to encourage the right amount of ceremony; therefore if safety-critical systems require greater emphasis on activities like formal specification and requirements management, then an agile process will include these as necessary activities. Furthermore, agile methods focus more on continuous process management and code-level quality than classic software engineering process models. We present our experiences on the image-guided surgical toolkit (IGSTK) project as a backdrop. IGSTK is an open source software project employing agile practices since 2004. We started with the assumption that a lighter process is better, focused on evolving code, and only adding process elements as the need arose. IGSTK has been adopted by teaching hospitals and research labs, and used for clinical trials. Agile methods have matured since the academic community suggested they are not suitable for safety-critical systems almost a decade ago, we present our experiences as a case study for renewing the discussion. PMID:21799545

  7. The PSA of safety-critical digital I and C system: the determination of important factors and sensitivity analysis

    International Nuclear Information System (INIS)

    Kang, H. G.; Sung, T. Y.; Eom, H. S.; Jeong, H. S.; Park, J. K.; Lee, K. Y.; Park, J. K.

    2002-01-01

    This report is prepared to suggest a practical Probabilistic Safety Assessment (PSA) methodology for safety-critical digital instrumentation and control (I and C) systems. Even though conventional probabilistic safety assessment methods are immature for application to microprocessor-based digital systems, practical needs force their application because the result of probabilistic safety assessment plays a very important role in proving the safety of a designed system. Microprocessors and software technologies make the digital system very complex and make the safety of their applications hard to analyze. The aim of this report is: (1) To summarize the factors which should be represented by the model for probabilistic safety assessment and to propose a standpoint of evaluation for digital systems. (2) To quantitatively present the results of a mathematical case study which examines the analysis framework of the safety of digital systems in the context of the PSA. (3) To show the results of a sensitivity study for some critical factors

  8. Planning the Unplanned Experiment: Assessing the Efficacy of Standards for Safety Critical Software

    Science.gov (United States)

    Graydon, Patrick J.; Holloway, C. Michael

    2015-01-01

    We need well-founded means of determining whether software is fit for use in safety-critical applications. While software in industries such as aviation has an excellent safety record, the fact that software flaws have contributed to deaths illustrates the need for justifiably high confidence in software. It is often argued that software is fit for safety-critical use because it conforms to a standard for software in safety-critical systems. But little is known about whether such standards 'work.' Reliance upon a standard without knowing whether it works is an experiment; without collecting data to assess the standard, this experiment is unplanned. This paper reports on a workshop intended to explore how standards could practicably be assessed. Planning the Unplanned Experiment: Assessing the Efficacy of Standards for Safety Critical Software (AESSCS) was held on 13 May 2014 in conjunction with the European Dependable Computing Conference (EDCC). We summarize and elaborate on the workshop's discussion of the topic, including both the presented positions and the dialogue that ensued.

  9. Characteristics of safety critical organizations - work psychological perspective

    International Nuclear Information System (INIS)

    Oedewald, P.; Reiman, T.

    2006-02-01

    This book deals with organizations that operate in high hazard industries, such as the nuclear power, aviation, oil and chemical industry organisations. The society puts a great strain on these organisations to rigorously manage the risks inherent in the technology they use and the products they produce. In this book, an organisational psychology view is taken to analyse what the typical challenges of daily work in these environments are. The analysis is based on a literature review about human and organisational factors in safety critical industries, and on the interviews of Finnish safety experts and safety managers from four different companies. In addition to this, personnel interviews conducted in the Finnish nuclear power plants are utilised. The authors come up with eight themes that seem to be common organizational challenges across the industries. These include e.g. how the personnel understand the risks and what the right level is for rules and procedures to guide the work activities. The primary aim of this book is to contribute to the Finnish nuclear safety research and safety management discussion. However, the book is equally suitable for risk management, organizational development and human resources management specialists in different industries. The purpose is to encourage readers to consider how the human and organizational factors are seen in the field they work in. (orig.)

  10. Qualification of safety-critical software for digital reactor safety system in nuclear power plants

    International Nuclear Information System (INIS)

    Kwon, Kee-Choon; Park, Gee-Yong; Kim, Jang-Yeol; Lee, Jang-Soo

    2013-01-01

    This paper describes the software qualification activities for the safety-critical software of the digital reactor safety system in nuclear power plants. The main activities of the software qualification processes are the preparation of software planning documentations, verification and validation (V and V) of the software requirements specifications (SRS), software design specifications (SDS) and codes, and the testing of the integrated software and integrated system. Moreover, the software safety analysis and software configuration management are involved in the software qualification processes. The V and V procedure for SRS and SDS contains a technical evaluation, licensing suitability evaluation, inspection and traceability analysis, formal verification, software safety analysis, and an evaluation of the software configuration management. The V and V processes for the code are a traceability analysis, source code inspection, test case and test procedure generation. Testing is the major V and V activity of the software integration and system integration phases. The software safety analysis employs a hazard operability method and software fault tree analysis. The software configuration management in each software life cycle is performed by the use of a nuclear software configuration management tool. Through these activities, we can achieve the functionality, performance, reliability, and safety that are the major V and V objectives of the safety-critical software in nuclear power plants. (author)

  11. Evaluating safety-critical organizations - emphasis on the nuclear industry

    International Nuclear Information System (INIS)

    Reiman, Teemu; Oedewald, Pia

    2009-04-01

    understood that safety is a complex phenomenon. Safety is understood as a property of an entire system and not just absence of incidents - people feel personally responsible for the safety of the entire system, they feel they can have an effect on safety - the organization aims for understanding the hazards and anticipating the risks in their activities - the organization is alert to the possibility of an unanticipated event - good prerequisites for carrying out the daily work exist. An organizational evaluation should aim at reasoning the: - sources of effectiveness in the organizational dimensions - sources of ineffectiveness in the organization dimensions - social processes in the organization - psychological outcomes of the current organization on a personnel level, e.g. motivation, understanding of hazards and sense of control. When drawing inferences from the organizational evaluations and defining development initiatives, it is important to consider actions that will promote and maintain the strengths of the organization as well as actions that will address and develop the weak areas. Issues associated with data collection and choice of methods have been a topic of much discussion in the field of evaluation of safety-critical organizations. We argue that the problem of collecting data is not the most important problem in terms of facilitating valid evaluations. A more important problem concerns the criteria that are used, as well as the operationalization of criteria into something measurable. Too much effort has been spent on methods and too little on contemplating the question of valid evaluation criteria and a valid means of deducing from the data whether the criteria are fulfilled. In order to accomplish this, a valid evaluation framework is needed, which incorporates the idea of organization as a complex sociotechnical system. This report has been an attempt to illustrate the premises and key issues to consider in organizational evaluations. No method can

  12. Evaluating safety-critical organizations - emphasis on the nuclear industry

    Energy Technology Data Exchange (ETDEWEB)

    Reiman, Teemu; Oedewald, Pia (VTT, Technical Research Centre of Finland (Finland))

    2009-04-15

    - it is understood that safety is a complex phenomenon. Safety is understood as a property of an entire system and not just absence of incidents - people feel personally responsible for the safety of the entire system, they feel they can have an effect on safety - the organization aims for understanding the hazards and anticipating the risks in their activities - the organization is alert to the possibility of an unanticipated event - good prerequisites for carrying out the daily work exist. An organizational evaluation should aim at reasoning the: - sources of effectiveness in the organizational dimensions - sources of ineffectiveness in the organization dimensions - social processes in the organization - psychological outcomes of the current organization on a personnel level, e.g. motivation, understanding of hazards and sense of control. When drawing inferences from the organizational evaluations and defining development initiatives, it is important to consider actions that will promote and maintain the strengths of the organization as well as actions that will address and develop the weak areas. Issues associated with data collection and choice of methods have been a topic of much discussion in the field of evaluation of safety-critical organizations. We argue that the problem of collecting data is not the most important problem in terms of facilitating valid evaluations. A more important problem concerns the criteria that are used, as well as the operationalization of criteria into something measurable. Too much effort has been spent on methods and too little on contemplating the question of valid evaluation criteria and a valid means of deducing from the data whether the criteria are fulfilled. In order to accomplish this, a valid evaluation framework is needed, which incorporates the idea of organization as a complex sociotechnical system. This report has been an attempt to illustrate the premises and key issues to consider in organizational evaluations. No

  13. Criticality safety analysis of a calciner exit chute

    International Nuclear Information System (INIS)

    Haught, C.F.; Basoglu, B.; Brewer, R.W.; Hollenback, D.F.; Wilkinson, A.D.; Dodds, H.L.

    1994-01-01

    Calcination of uranyl nitrate into uranium oxide is part of normal operations of some enrichment plants. Typically, a calciner discharges uranium oxide powder (U3O8) into an exit chute that directs the powder into a receiving can located in a glove box. One possible scenario for a criticality accident is the exit chute becoming blocked with powder near its discharge. The blockage restricts the flow of powder causing the exit chute to become filled with the powder. If blockage does occur, the height of the powder could reach a level that would not be safe from a criticality point of view. In this analysis, the subcritical height limit is examined for 98% enriched U3O8 in the exit chute with full water reflection and optimal water moderation. The height limit for ensuring criticality safety during such an accumulation is 28.2 cm above the top of the discharge pipe at the bottom of the chute. Chute design variations are also evaluated with full water reflection and optimal water moderation. Subcritical configurations for the exit chute variation are developed, but the configurations are not safe when combined with the calciner. To ensure criticality safety, modifications must be made to the calciner tube or safety measures must be implemented if these designs are to be utilized with 98% enriched material. A geometrically safe configuration for the exit chute is developed for a blockage of 20% enriched powder with full water reflection and optimal water moderation, and this configuration is safe when combined with the existing calciner

  14. Criticality safety calculations for three types of final disposal canisters

    International Nuclear Information System (INIS)

    Anttila, M.

    2005-07-01

    The criticality safety of the copper/iron canisters developed for the final disposal of the Finnish spent nuclear fuel has been studied with the MCNP4C Monte Carlo code. Three types of spent fuel disposal canisters have been analysed. The differences between the canisters result from the size and geometry of the spent fuel assemblies to be disposed of in them. One canister type has been designed to contain 12 hexagonal VVER-440 fuel assemblies used at the Loviisa nuclear power plant ('VVER canister'). The second type is for 12 square BWR fuel bundles used at the Olkiluoto 1 and 2 units ('BWR canister') and the third type is for four fuel assemblies of the Olkiluoto 3 unit to be constructed in the near future ('EPR canister'). Each canister type is of similar size in the radial direction, but the axial lengths vary significantly. A spent fuel disposal canister must meet the normal criticality safety criteria. The effective multiplication factor must be less than 0.95 also when the canister is in the most reactive credible configuration (optimum moderation and close reflection). Uncertainties in the calculation methods may necessitate the use of an even lower reactivity limit. However, no systematic uncertainty analysis was carried out during this study. It has been proved in an earlier study that a version of the VVER canister loaded with twelve similar fresh VVER-440 assemblies with the initial enrichment of 4.2% fulfils the criticality safety criteria. Also an earlier design of the BWR canister loaded with twelve fresh BWR assemblies of so-called ATRIUM 10x10-9Q type with the initial enrichment of 3.8% and without burnable absorbers has been proved to meet the safety criteria. Therefore, in this study only a few calculations have been carried out for the present versions of VVER and BWR canisters and the results are in good agreement with the previous ones. The main emphasis of this study has been on the EPR canister. This new canister type fulfils the

  15. Exemption, exception and other criteria for transport criticality safety

    International Nuclear Information System (INIS)

    Mennerdahl, D.

    2004-01-01

    Many strange concepts, requirements and specifications related to criticality safety are present in the Regulations. Some earlier problems have been corrected but, going back to 1961 and the first edition of the Regulations, it seems as many changes have been to the worse. Fissile material was defined correctly as a material that could consist of or contain fissile nuclides. Materials consisting of pure fissile nuclides don't exist but are important in package designs. 238Pu was included as a fissile nuclide only as an emergency, because there was no alternative, but this caused some people to think that all nuclides supporting criticality are fissile. Neutron interaction between different (non-identical) packages had to be evaluated, making the transport index or allowable number of packages a credible safety control. That is not true anymore. The 15 gram exception limit for fissile nuclides was combined with a transport mode limit, similar to but more restrictive than the current consignment limit. The confinement system was introduced to help with formulation of a single requirement for safety of the containment system but is becoming something very different. Controls before the first use of a packaging have become controls of the first use of a package, supporting multiple shipments of the same package. The lack of exemption limits for fissile material essentially makes all radioactive materials fissile (all radioactive material contains some fissile atoms). Radioactive material seems to be defined without consideration of the criticality hazard of the material. LSA materials are defined with consideration of criticality, but only relates to quantities in fissile exceptions when other properties can be equally or more important. In July 2004, a number of proposals to IAEA have been submitted by Sweden to improve and expand the criticality safety control of the Regulations. Essential is the introduction of the fissionable nuclide and material concepts in

  16. Methodology and applications for organizational safety culture

    International Nuclear Information System (INIS)

    Sakaue, Takeharu; Makino, Maomi

    2004-01-01

    The mission of our activity is making 'guidance of safety culture for understanding and evaluations' which comes in much more useful and making it substantial by clarifying positioning of safety culture within evaluation of the quality management. This is pointed out by 'Discussion on how to implement safety culture sufficiently and possible recommendation' last year by falsification issue of TEPCO (Tokyo Electric Power Company). We have been developing the safety culture evaluation structured by three elements. One is safety culture evaluation support tool (SCET), another is organizational reliability model (ORM), third is system for safety. This paper describes mainly organizational reliability model (ORM) and its applications as well as ticking the system for safety culture within quality management. (author)

  17. Recognising safety critical events: can automatic video processing improve naturalistic data analyses?

    Science.gov (United States)

    Dozza, Marco; González, Nieves Pañeda

    2013-11-01

    New trends in research on traffic accidents include Naturalistic Driving Studies (NDS). NDS are based on large scale data collection of driver, vehicle, and environment information in real world. NDS data sets have proven to be extremely valuable for the analysis of safety critical events such as crashes and near crashes. However, finding safety critical events in NDS data is often difficult and time consuming. Safety critical events are currently identified using kinematic triggers, for instance searching for deceleration below a certain threshold signifying harsh braking. Due to the low sensitivity and specificity of this filtering procedure, manual review of video data is currently necessary to decide whether the events identified by the triggers are actually safety critical. Such reviewing procedure is based on subjective decisions, is expensive and time consuming, and often tedious for the analysts. Furthermore, since NDS data is exponentially growing over time, this reviewing procedure may not be viable anymore in the very near future. This study tested the hypothesis that automatic processing of driver video information could increase the correct classification of safety critical events from kinematic triggers in naturalistic driving data. Review of about 400 video sequences recorded from the events, collected by 100 Volvo cars in the euroFOT project, suggested that drivers' individual reaction may be the key to recognize safety critical events. In fact, whether an event is safety critical or not often depends on the individual driver. A few algorithms, able to automatically classify driver reaction from video data, have been compared. The results presented in this paper show that the state of the art subjective review procedures to identify safety critical events from NDS can benefit from automated objective video processing. In addition, this paper discusses the major challenges in making such video analysis viable for future NDS and new potential

  18. A study of software safety analysis system for safety-critical software

    International Nuclear Information System (INIS)

    Chang, H. S.; Shin, H. K.; Chang, Y. W.; Jung, J. C.; Kim, J. H.; Han, H. H.; Son, H. S.

    2004-01-01

    The core factors and requirements for the safety-critical software traced and the methodology adopted in each stage of software life cycle are presented. In concept phase, Failure Modes and Effects Analysis (FMEA) for the system has been performed. The feasibility evaluation of selected safety parameter was performed and Preliminary Hazards Analysis list was prepared using HAZOP (Hazard and Operability) technique. And the check list for management control has been produced via walk-through technique. Based on the evaluation of the check list, activities to be performed in requirement phase have been determined. In the design phase, hazard analysis has been performed to check the safety capability of the system with regard to safety software algorithm using Fault Tree Analysis (FTA). In the test phase, the test items based on FMEA have been checked for fitness guided by an accident scenario. The pressurizer low pressure trip algorithm has been selected to apply FTA method to software safety analysis as a sample. By applying CASE tool, the requirements traceability of safety critical system has been enhanced during all of software life cycle phases

  19. Safety assessment in plant layout design using indexing approach: implementing inherent safety perspective. Part 1 - guideword applicability and method description.

    Science.gov (United States)

    Tugnoli, Alessandro; Khan, Faisal; Amyotte, Paul; Cozzani, Valerio

    2008-12-15

    Layout planning plays a key role in the inherent safety performance of process plants since this design feature controls the possibility of accidental chain-events and the magnitude of possible consequences. A lack of suitable methods to promote the effective implementation of inherent safety in layout design calls for the development of new techniques and methods. In the present paper, a safety assessment approach suitable for layout design in the critical early phase is proposed. The concept of inherent safety is implemented within this safety assessment; the approach is based on an integrated assessment of inherent safety guideword applicability within the constraints typically present in layout design. Application of these guidewords is evaluated along with unit hazards and control devices to quantitatively map the safety performance of different layout options. Moreover, the economic aspects related to safety and inherent safety are evaluated by the method. Specific sub-indices are developed within the integrated safety assessment system to analyze and quantify the hazard related to domino effects. The proposed approach is quick in application, auditable and shares a common framework applicable in other phases of the design lifecycle (e.g. process design). The present work is divided in two parts: Part 1 (current paper) presents the application of inherent safety guidelines in layout design and the index method for safety assessment; Part 2 (accompanying paper) describes the domino hazard sub-index and demonstrates the proposed approach with a case study, thus evidencing the introduction of inherent safety features in layout design.

  20. ICNC2003: Proceedings of the seventh international conference on nuclear criticality safety. Challenges in the pursuit of global nuclear criticality safety

    International Nuclear Information System (INIS)

    2003-10-01

    This proceedings contain (technical, oral and poster papers) presented papers at the Seventh International Conference on Nuclear Criticality Safety ICNC2003 held on 20-24 October 2003, in Tokai, Ibaraki, Japan, following ICNC'99 in Versailles, France. The theme of this conference is 'Challenges in the Pursuit of Global Nuclear Criticality Safety'. This proceedings represent the current status of nuclear criticality safety research throughout the world. The 79 of the presented papers are indexed individually. (J.P.N.)

  1. ICNC2003: Proceedings of the seventh international conference on nuclear criticality safety. Challenges in the pursuit of global nuclear criticality safety

    International Nuclear Information System (INIS)

    2003-10-01

    This proceedings contain (technical, oral and poster papers) presented papers at the Seventh International Conference on Nuclear Criticality Safety ICNC2003 held on 20-24 October 2003, in Tokai, Ibaraki, Japan, following ICNC'99 in Versailles, France. The theme of this conference is 'Challenges in the Pursuit of Global Nuclear Criticality Safety'. This proceedings represent the current status of nuclear criticality safety research throughout the world. The 81 of the presented papers are indexed individually. (J.P.N.)

  2. Criticality safety for deactivation of the Rover dry headend process

    International Nuclear Information System (INIS)

    Henrikson, D.J.

    1995-01-01

    The Rover dry headend process combusted Rover graphite fuels in preparation for dissolution and solvent extraction for the recovery of 235U. At the end of the Rover processing campaign, significant quantities of 235U were left in the dry system. The Rover Dry Headend Process Deactivation Project goal is to remove the remaining uranium bearing material (UBM) from the dry system and then decontaminate the cells. Criticality safety issues associated with the Rover Deactivation Project have been influenced by project design refinement and schedule acceleration initiatives. The uranium ash composition used for calculations must envelope a wide range of material compositions, and yet result in cost effective final packaging and storage. Innovative thinking must be used to provide a timely safety authorization basis while the project design continues to be refined

  3. Process management - critical safety issues with focus on risk management

    International Nuclear Information System (INIS)

    Sanne, Johan M.

    2005-12-01

    Organizational changes focused on process orientation are taking place among Swedish nuclear power plants, aiming at improving the operation. The Swedish Nuclear Power Inspectorate has identified a need for increased knowledge within the area for its regulatory activities. In order to analyze what process orientation implies for nuclear power plant safety a number of questions must be asked: 1. How is safety in nuclear power production created currently? What significance does the functional organization play? 2. How can organizational forms be analysed? What consequences does quality management have for work and for the enterprise? 3. Why should nuclear power plants be process oriented? Who are the customers and what are their customer values? Which customers are expected to contribute from process orientation? 4. What can one learn from process orientation in other safety critical systems? What is the effect on those features that currently create safety? 5. Could customer values increase for one customer without decreasing for other customers? What is the relationship between economic and safety interests from an increased process orientation? The deregulation of the electricity market has caused an interest in increased economic efficiency, which is the motivation for the interest in process orientation, among other means. It is the nuclear power plants' owners and the distributors (often the same corporations) that have the strongest interest in process orientation. If the functional organization and associated practices are decomposed, the prerequisites of the risk management regime changes, perhaps deteriorating its functionality. When nuclear power operators consider the introduction of process orientation, the Nuclear Power Inspectorate should require that 1. The operators perform a risk analysis beforehand concerning the potential consequences that process orientation might convey: the analysis should contain a model specifying how safety is currently

  4. A Safety-Critical Java Technology Compatibility Kit

    DEFF Research Database (Denmark)

    Søndergaard, Hans; Korsholm, Stephan Erbs; Ravn, Anders P.

    2014-01-01

    In order to claim conformance with a given Java Specification Request (JSR), a Java implementation has to pass all tests in an associated Technology Compatibility Kit (TCK). This paper presents development of test cases and tools for the draft Safety-Critical Java (SCJ) specification. In previous...... work we have shown how the Java Modeling Language (JML) is applied to specify conformance constraints for SCJ, and how JML-related tools may assist in generating and executing tests. Here we extend this work with a layout for concrete test cases including checking of results in a simplified version...

  5. Safety-Critical Java for Low-End Embedded Platforms

    DEFF Research Database (Denmark)

    Søndergaard, Hans; Korsholm, Stephan E.; Ravn, Anders P.

    2012-01-01

    We present an implementation of the Safety-Critical Java profile (SCJ), targeted for low-end embedded platforms with as little as 16 kB RAM and 256 kB flash. The distinctive features of the implementation are a combination of a lean Java virtual machine (HVM), with a bare metal kernel implementing...... hardware objects, first level interrupt handlers, and native variables, and an infrastructure written in Java which is minimized through program specialization. The HVM allows the implementation to be easily ported to embedded platforms which have a C compiler as part of the development environment...

  6. Patterns for Safety-Critical Java Memory Usage

    DEFF Research Database (Denmark)

    Rios Rivas, Juan Ricardo; Nilsen, Kelvin; Schoeberl, Martin

    2012-01-01

    Scoped memories are introduced in real-time Java profiles in order to make object allocation and deallocation time and space predictable. However, explicit scoping requires care from programmers when dealing with temporary objects, passing scope-allocated objects as arguments to methods, and retu...... are illustrated by implementations in the safety-critical Java profile....

  7. A safety-critical java technology compatibility kit

    DEFF Research Database (Denmark)

    Søndergaard, Hans; Korsholm, Stephan E.; Ravn, Anders Peter

    2014-01-01

    In order to claim conformance with a given Java Specification Request (JSR), a Java implementation has to pass all tests in an associated Technology Compatibility Kit (TCK). This paper presents development of test cases and tools for the draft Safety-Critical Java (SCJ) specification. In previous...... work we have shown how the Java Modeling Language (JML) is applied to specify conformance constraints for SCJ, and how JML-related tools may assist in generating and executing tests. Here we extend this work with a layout for concrete test cases including checking of results in a simplified version...

  8. Criticality safety calculations for the nuclear waste disposal canisters

    International Nuclear Information System (INIS)

    Anttila, M.

    1996-12-01

    The criticality safety of the copper/iron canisters developed for the final disposal of the Finnish spent fuel has been studied with the MCNP4A code based on the Monte Carlo technique and with the fuel assembly burnup programs CASMO-HEX and CASMO-4. Two rather similar types of spent fuel disposal canisters have been studied. One canister type has been designed for hexagonal VVER-440 fuel assemblies used at the Loviisa nuclear power plant (IVO canister) and the other one for square BWR fuel bundles used at the Olkiluoto nuclear power plant (TVO canister). (10 refs.)

  9. Instructional games and activities for criticality safety training

    International Nuclear Information System (INIS)

    Bullard, B.; McBride, J.

    1993-01-01

    During the past several years, the Training and Management Systems Division (TMSD) staff of Oak Ridge Institute for Science and Education (ORISE) has designed and developed nuclear criticality safety (NCS) training programs that focus on high trainee involvement through the use of instructional games and activities. This paper discusses the instructional game, initial considerations for developing games, advantages and limitations of games, and how games may be used in developing and implementing NCS training. It also provides examples of the various instructional games and activities used in separate courses designed for Martin Marietta Energy Systems (MMES's) supervisors and U.S. Nuclear Regulatory Commission (NRC) fuel facility inspectors

  10. Administrative practices for nuclear criticality safety, ANSI/ANS-8.19-1996

    International Nuclear Information System (INIS)

    Smith, D.R.

    1996-01-01

    American National Standard, "Administrative Practices for Nuclear Criticality Safety," American National Standards Institute/American Nuclear Society (ANSI/ANS)-8.19-1996, addresses the responsibilities of management, supervision, and the criticality safety staff in the administration of an effective criticality safety program. Characteristics of operating procedures, process evaluations, material control procedures, and emergency plans are discussed

  11. Criticality safety evaluation report for FFTF 42% fuel assemblies

    International Nuclear Information System (INIS)

    Richard, R.F.

    1997-01-01

    An FFTF tritium/isotope production mission will require a new fuel supply. The reference design core will use a mixed oxide fuel nominally enriched to 40 wt% Pu. This enrichment is significantly higher than that of the standard Driver Fuel Assemblies used in past operations. Consequently, criticality safety for handling and storage of this fuel must be addressed. The purpose of this document is to begin the process by determining the minimum critical number for these new fuel assemblies in water, sodium and air. This analysis is preliminary and further work can be done to refine the results reported here. Analysis was initially done using 45 wt 5 PuO. Additionally, a preliminary assessment is done concerning storage of these fuel assemblies in Interim Decay Storage (IDS), Fuel Storage Facility (FSF), and Core Component Containers/Interim Storage Casks (CCC/ISC)

  12. Criticality safety aspects of K-25 Building uranium deposit removal

    International Nuclear Information System (INIS)

    Haire, M.J.; Jordan, W.C.; Ingram, J.C. III; Stinnet, E.C. Jr.

    1995-01-01

    The K-25 Building of the Oak Ridge Gaseous Diffusion Plant (now the K-25 Site) went into operation during World War II as the first large scale production plant to separate ²³⁵U from uranium by the gaseous diffusion process. It operated successfully until 1964, when it was placed in a stand-by mode. The Department of Energy has initiated a decontamination and decommissioning program. The primary objective of the Deposit Removal (DR) Project is to improve the nuclear criticality safety of the K-25 Building by removing enriched uranium deposits from unfavorable-geometry process equipment to below minimum critical mass. The methods utilized to accomplish this are detailed in this report

  13. Internet applications in radiation safety

    International Nuclear Information System (INIS)

    Hill, P.; Geisse, C.; Wuest, E.

    1998-01-01

    As a means of effective communication the Internet is presently becoming more and more important in German speaking countries, too. Its possibilities to exchange and to obtain information efficiently and rapidly are excellent. Internet and email access are available now in most institutions for professional use. Internet services of importance to radiation safety professionals are described. (orig.)

  14. Formal methods for industrial critical systems a survey of applications

    CERN Document Server

    Margaria-Steffen, Tiziana

    2012-01-01

    "Today, formal methods are widely recognized as an essential step in the design process of industrial safety-critical systems. In its more general definition, the term formal methods encompasses all notations having a precise mathematical semantics, together with their associated analysis methods, that allow description and reasoning about the behavior of a system in a formal manner. Growing out of more than a decade of award-winning collaborative work within the European Research Consortium for Informatics and Mathematics, Formal Methods for Industrial Critical Systems: A Survey of Applications presents a number of mainstream formal methods currently used for designing industrial critical systems, with a focus on model checking. The purpose of the book is threefold: to reduce the effort required to learn formal methods, which has been a major drawback for their industrial dissemination; to help designers to adopt the formal methods which are most appropriate for their systems; and to offer a panel of state-of...

  15. Criticality safety evaluation report for K Basin filter cartridges

    International Nuclear Information System (INIS)

    Schwinkendorf, K.N.

    1995-01-01

    A criticality safety evaluation of the K Basin filter cartridge assemblies has been completed to support operations without a criticality alarm system. The results show that for normal operation, the filter cartridge assembly is far below the safety limit of keff = 0.95, which is applied to plutonium systems at the Hanford Site. During normal operating conditions, uranium, plutonium, and fission and corrosion products in solution are continually accumulating in the available void spaces inside the filter cartridge medium. Currently, filter cartridge assemblies are scheduled to be replaced at six month intervals in KE Basin, and at one year intervals in KW Basin. According to available plutonium concentration data for KE Basin and data for the U/Pu ratio, it will take many times the six-month replacement time for sufficient fissionable material accumulation to take place to exceed the safety limit of keff = 0.95, especially given the conservative assumption that the presence of fission and corrosion products is ignored. Accumulation of sludge with a composition typical of that measured in the sand filter backwash pit will not lead to a keff = 0.95 value. For off-normal scenarios, it would require at least two unlikely, independent, and concurrent events to take place before the keff = 0.95 limit was exceeded. Contingencies considered include failure to replace the filter cartridge assemblies at the scheduled time resulting in additional buildup of fissionable material, the loss of geometry control from the filter cartridge assembly breaking apart and releasing the individual filter cartridges into an optimal configuration, and concentrations of plutonium at U/Pu ratios less than measured data for KE Basin, typically close to 400 according to extensive measurements in the sand filter backwash pit and plutonium production information

  16. Criticality safety evaluation of the fuel cycle facility electrorefiner

    International Nuclear Information System (INIS)

    Lell, R.M.; Mariani, R.D.; Fujita, E.K.; Benedict, R.W.; Turski, R.B.

    1993-01-01

    The Integral Fast Reactor (IFR) being developed by Argonne National Laboratory (ANL) combines the advantages of metal-fueled, liquid-metal cooled reactors and a closed-loop fuel cycle. Some of the primary advantages are passive safety for the reactor and resistance to diversion for the heavy metal in the fuel cycle. In addition, the IFR pyroprocess recycles all the long-lived actinide activation products for casting into new fuel pins so that they may be burned in the reactor. A key component in the Fuel Cycle Facility (FCF) recycling process is the electrorefiner (ER) in which the actinides are separated from the fission products. In the process, the metal fuel is electrochemically dissolved into a high-temperature molten salt, and electrorefined uranium or uranium/plutonium products are deposited at cathodes. This report addresses the new and innovative aspects of the criticality analysis ensuing from processing metallic fuel, rather than metal oxide fuel, and from processing the spent fuel in batch operations. In particular, the criticality analysis employed a mechanistic approach as opposed to a probabilistic one. A probabilistic approach was unsuitable because of a lack of operational experience with some of the processes, rendering the estimation of accident event risk factors difficult. The criticality analysis also incorporated the uncertainties in heavy metal content attending the process items by defining normal operations envelopes (NOEs) for key process parameters. The goal was to show that reasonable process uncertainties would be demonstrably safe toward criticality for continuous batch operations provided the key process parameters stayed within their NOEs. Consequently the NOEs became the point of departure for accident events in the criticality analysis

  17. Reliability estimation of safety-critical software-based systems using Bayesian networks

    International Nuclear Information System (INIS)

    Helminen, A.

    2001-06-01

    Due to the nature of software faults and the way they cause system failures new methods are needed for the safety and reliability evaluation of software-based safety-critical automation systems in nuclear power plants. In the research project 'Programmable automation system safety integrity assessment (PASSI)', belonging to the Finnish Nuclear Safety Research Programme (FINNUS, 1999-2002), various safety assessment methods and tools for software based systems are developed and evaluated. The project is financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Trade and Industry (KTM) and the Technical Research Centre of Finland (VTT). In this report the applicability of Bayesian networks to the reliability estimation of software-based systems is studied. The applicability is evaluated by building Bayesian network models for the systems of interest and performing simulations for these models. In the simulations hypothetical evidence is used for defining the parameter relations and for determining the ability to compensate disparate evidence in the models. Based on the experiences from modelling and simulations we are able to conclude that Bayesian networks provide a good method for the reliability estimation of software-based systems. (orig.)

  18. Fault Injection Validation of a Safety-Critical TMR System

    Science.gov (United States)

    Irrera, Ivano; Madeira, Henrique; Zentai, Andras; Hergovics, Beata

    2016-08-01

    Digital systems and their software are the core technology for controlling and monitoring industrial systems in practically all activity domains. Functional safety standards such as the European standard EN 50128 for railway applications define the procedures and technical requirements for the development of software for railway control and protection systems. The validation of such systems is a highly demanding task. In this paper we discuss the use of fault injection techniques, which have been used extensively in several domains, particularly in the space domain, to complement the traditional procedures to validate a SIL (Safety Integrity Level) 4 system for railway signalling, implementing a TMR (Triple Modular Redundancy) architecture. The fault injection tool is based on JTAG technology. The results of our injection campaign showed a high degree of tolerance to most of the injected faults, but several cases of unexpected behaviour have also been observed, helping understanding worst-case scenarios.

  19. Sensitivity-Uncertainty Techniques for Nuclear Criticality Safety

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Forrest B. [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Rising, Michael Evan [Los Alamos National Lab. (LANL), Los Alamos, NM (United States); Alwin, Jennifer Louise [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-08-07

    The sensitivity and uncertainty analysis course will introduce students to keff sensitivity data, cross-section uncertainty data, how keff sensitivity data and keff uncertainty data are generated and how they can be used. Discussion will include how sensitivity/uncertainty data can be used to select applicable critical experiments, to quantify a defensible margin to cover validation gaps and weaknesses, and in development of upper subcritical limits.

  20. Validation of the Continuous-Energy Monte Carlo Criticality-Safety Analysis System MVP and JENDL-3.2 Using the Internationally Evaluated Criticality Benchmarks

    International Nuclear Information System (INIS)

    Mitake, Susumu

    2003-01-01

    Validation of the continuous-energy Monte Carlo criticality-safety analysis system, comprising the MVP code and neutron cross sections based on JENDL-3.2, was examined using benchmarks evaluated in the 'International Handbook of Evaluated Criticality Safety Benchmark Experiments'. Eight experiments (116 configurations) for the plutonium solution and plutonium-uranium mixture systems performed at Valduc, Battelle Pacific Northwest Laboratories, and other facilities were selected and used in the studies. The averaged multiplication factors calculated with MVP and MCNP-4B using the same neutron cross-section libraries based on JENDL-3.2 were in good agreement. Based on methods provided in the Japanese nuclear criticality-safety handbook, the estimated criticality lower-limit multiplication factors to be used as a subcriticality criterion for the criticality-safety evaluation of nuclear facilities were obtained. The analysis proved the applicability of the MVP code to the criticality-safety analysis of nuclear fuel facilities, particularly to the analysis of systems fueled with plutonium and in homogeneous and thermal-energy conditions

  1. Survey of Bayesian belief nets for quantitative reliability assessment of safety critical software used in nuclear power plants

    Energy Technology Data Exchange (ETDEWEB)

    Eom, H.S.; Sung, T.Y.; Jeong, H.S.; Park, J.H.; Kang, H.G.; Lee, K

    2001-03-01

    As part of the Probabilistic Safety Assessment of safety grade digital systems used in Nuclear Power plants research, measures and methodologies applicable to quantitative reliability assessment of safety critical software were surveyed. Among the techniques proposed in the literature we selected those which are in use widely and investigated their limitations in quantitative software reliability assessment. One promising methodology from the survey is Bayesian Belief Nets (BBN) which has a formalism and can combine various disparate evidences relevant to reliability into final decision under uncertainty. Thus we analyzed BBN and its application cases in digital systems assessment area and finally studied the possibility of its application to the quantitative reliability assessment of safety critical software.

  2. GROWTH OF THE INTERNATIONAL CRITICALITY SAFETY AND REACTOR PHYSICS EXPERIMENT EVALUATION PROJECTS

    Energy Technology Data Exchange (ETDEWEB)

    J. Blair Briggs; John D. Bess; Jim Gulliford

    2011-09-01

    Since the International Conference on Nuclear Criticality Safety (ICNC) 2007, the International Criticality Safety Benchmark Evaluation Project (ICSBEP) and the International Reactor Physics Experiment Evaluation Project (IRPhEP) have continued to expand their efforts and broaden their scope. Eighteen countries participated on the ICSBEP in 2007. Now, there are 20, with recent contributions from Sweden and Argentina. The IRPhEP has also expanded from eight contributing countries in 2007 to 16 in 2011. Since ICNC 2007, the contents of the 'International Handbook of Evaluated Criticality Safety Benchmark Experiments' have increased from 442 evaluations (38000 pages), containing benchmark specifications for 3955 critical or subcritical configurations to 516 evaluations (nearly 55000 pages), containing benchmark specifications for 4405 critical or subcritical configurations in the 2010 Edition of the ICSBEP Handbook. The contents of the Handbook have also increased from 21 to 24 criticality-alarm-placement/shielding configurations with multiple dose points for each, and from 20 to 200 configurations categorized as fundamental physics measurements relevant to criticality safety applications. Approximately 25 new evaluations and 150 additional configurations are expected to be added to the 2011 edition of the Handbook. Since ICNC 2007, the contents of the 'International Handbook of Evaluated Reactor Physics Benchmark Experiments' have increased from 16 different experimental series that were performed at 12 different reactor facilities to 53 experimental series that were performed at 30 different reactor facilities in the 2011 edition of the Handbook. Considerable effort has also been made to improve the functionality of the searchable database, DICE (Database for the International Criticality Benchmark Evaluation Project) and verify the accuracy of the data contained therein. DICE will be discussed in separate papers at ICNC 2011. The status of the

  3. Cyber Security Threats to Safety-Critical, Space-Based Infrastructures

    Science.gov (United States)

    Johnson, C. W.; Atencia Yepez, A.

    2012-01-01

    Space-based systems play an important role within national critical infrastructures. They are being integrated into advanced air-traffic management applications, rail signalling systems, energy distribution software etc. Unfortunately, the end users of communications, location sensing and timing applications often fail to understand that these infrastructures are vulnerable to a wide range of security threats. The following pages focus on concerns associated with potential cyber-attacks. These are important because future attacks may invalidate many of the safety assumptions that support the provision of critical space-based services. These safety assumptions are based on standard forms of hazard analysis that ignore cyber-security considerations. This is a significant limitation when, for instance, security attacks can simultaneously exploit multiple vulnerabilities in a manner that would never occur without a deliberate enemy seeking to damage space based systems and ground infrastructures. We address this concern through the development of a combined safety and security risk assessment methodology. The aim is to identify attack scenarios that justify the allocation of additional design resources so that safety barriers can be strengthened to increase our resilience against security threats.

  4. Safety issues in cultural heritage management and critical infrastructures management

    Science.gov (United States)

    Soldovieri, Francesco; Masini, Nicola; Alvarez de Buergo, Monica; Dumoulin, Jean

    2013-12-01

    This special issue is the fourth of its kind in Journal of Geophysics and Engineering, containing studies and applications of geophysical methodologies and sensing technologies for the knowledge, conservation and security of products of human activity ranging from civil infrastructures to built and cultural heritage. The first discussed the application of novel instrumentation, surface and airborne remote sensing techniques, as well as data processing oriented to both detection and characterization of archaeological buried remains and conservation of cultural heritage (Eppelbaum et al 2010). The second stressed the importance of an integrated and multiscale approach for the study and conservation of architectural, archaeological and artistic heritage, from SAR to GPR to imaging based diagnostic techniques (Masini and Soldovieri 2011). The third enlarged the field of analysis to civil engineering structures and infrastructures, providing an overview of the effectiveness and the limitations of single diagnostic techniques, which can be overcome through the integration of different methods and technologies and/or the use of robust and novel data processing techniques (Masini et al 2012). As a whole, the special issue put in evidence the factors that affect the choice of diagnostic strategy, such as the material, the spatial characteristics of the objects or sites, the value of the objects to be investigated (cultural or not), the aim of the investigation (knowledge, conservation, restoration) and the issues to be addressed (monitoring, decay assessment). In order to complete the overview of the application fields of sensing technologies this issue has been dedicated to monitoring of cultural heritage and critical infrastructures to address safety and security issues. Particular attention has been paid to the data processing methods of different sensing techniques, from infrared thermography through GPR to SAR. Cascini et al (2013) present the effectiveness of a

  5. Safety-Critical Java on a Time-predictable Processor

    DEFF Research Database (Denmark)

    Korsholm, Stephan Erbs; Schoeberl, Martin; Puffitsch, Wolfgang

    2015-01-01

    For real-time systems the whole execution stack needs to be time-predictable and analyzable for the worst-case execution time (WCET). This paper presents a time-predictable platform for safety-critical Java. The platform consists of (1) the Patmos processor, which is a time-predictable processor......; (2) a C compiler for Patmos with support for WCET analysis; (3) the HVM, which is a Java-to-C compiler; (4) the HVM-SCJ implementation which supports SCJ Level 0, 1, and 2 (for both single and multicore platforms); and (5) a WCET analysis tool. We show that real-time Java programs translated to C...... and compiled to a Patmos binary can be analyzed by the AbsInt aiT WCET analysis tool. To the best of our knowledge the presented system is the second WCET analyzable real-time Java system; and the first one on top of a RISC processor....

  6. Safety-critical Java on a time-predictable processor

    DEFF Research Database (Denmark)

    Korsholm, Stephan E.; Schoeberl, Martin; Puffitsch, Wolfgang

    2015-01-01

    For real-time systems the whole execution stack needs to be time-predictable and analyzable for the worst-case execution time (WCET). This paper presents a time-predictable platform for safety-critical Java. The platform consists of (1) the Patmos processor, which is a time-predictable processor......; (2) a C compiler for Patmos with support for WCET analysis; (3) the HVM, which is a Java-to-C compiler; (4) the HVM-SCJ implementation which supports SCJ Level 0, 1, and 2 (for both single and multicore platforms); and (5) a WCET analysis tool. We show that real-time Java programs translated to C...... and compiled to a Patmos binary can be analyzed by the AbsInt aiT WCET analysis tool. To the best of our knowledge the presented system is the second WCET analyzable real-time Java system; and the first one on top of a RISC processor....

  7. Criticality safety assessor training at British Nuclear Fuels, Sellafield

    International Nuclear Information System (INIS)

    Gunston, K.J.

    1993-01-01

    In accordance with company policy agreed to in April 1986, graduate new entrants to British Nuclear Fuels (BNFL) Sellafield join a management trainee/appraisal scheme. The purpose of this scheme is that while doing a real job, the trainee should undergo structured training and be given the opportunity to develop both personally and professionally. As part of this scheme, each trainee has a structured training program that is devised to fulfill the requirements of the individual, the department, the site and the professional body to which the trainee aspires. This paper outlines the management trainee training/appraisal system and the structured training program that is used to train criticality safety assessors at BNFL Sellafield

  8. New Criticality Safety Analysis Capabilities in SCALE 5.1

    Energy Technology Data Exchange (ETDEWEB)

    Bowman, Stephen M [ORNL; DeHart, Mark D [ORNL; Dunn, Michael E [ORNL; Goluoglu, Sedat [ORNL; Horwedel, James E [ORNL; Petrie Jr, Lester M [ORNL; Rearden, Bradley T [ORNL; Williams, Mark L [ORNL

    2007-01-01

    Version 5.1 of the SCALE computer software system developed at Oak Ridge National Laboratory, released in 2006, contains several significant enhancements for nuclear criticality safety analysis. This paper highlights new capabilities in SCALE 5.1, including improved resonance self-shielding capabilities; ENDF/B-VI.7 cross-section and covariance data libraries; HTML output for KENO V.a; analytical calculations of KENO-VI volumes with GeeWiz/KENO3D; new CENTRMST/PMCST modules for processing ENDF/B-VI data in TSUNAMI; SCALE Generalized Geometry Package in NEWT; KENO Monte Carlo depletion in TRITON; and plotting of cross-section and covariance data in Javapeno.

  9. Criticality safety analyses in SKODA JS a.s

    International Nuclear Information System (INIS)

    Mikolas, P.; Svarny, J.

    1999-01-01

    This paper describes criticality safety analyses of spent fuel systems for storage and transport of spent fuel performed in SKODA JS s.r.o. Analyses were performed for different systems both at NPP site including originally designed spent fuel pool with a large pitch between assemblies without any special absorbing material, high density spent fuel pool with an additional absorption by boron steel, depository rack for fresh fuel assemblies with a very large pitch between fuel assemblies, a container for transport of fresh fuel into the reactor pool and a cask for transport and storage of spent fuel and container for final storage depository. Required subcriticality has been proven taking into account all possible unfavourable conditions, uncertainties etc. In two cases, burnup credit methodology is expected to be used. (Authors)

  10. Software Reliability Issues Concerning Large and Safety Critical Software Systems

    Science.gov (United States)

    Kamel, Khaled; Brown, Barbara

    1996-01-01

    This research was undertaken to provide NASA with a survey of state-of-the-art techniques used in industry and academia to provide safe, reliable, and maintainable software to drive large systems. Such systems must match the complexity and strict safety requirements of NASA's shuttle system. In particular, the Launch Processing System (LPS) is being considered for replacement. The LPS is responsible for monitoring and commanding the shuttle during test, repair, and launch phases. NASA built this system in the 1970's using mostly hardware techniques to provide for increased reliability, but it did so often using custom-built equipment, which has not been able to keep up with current technologies. This report surveys the major techniques used in industry and academia to ensure reliability in large and critical computer systems.

  11. Training and qualification program for nuclear criticality safety technical staff

    International Nuclear Information System (INIS)

    Taylor, R.G.; Worley, C.A.

    1996-01-01

    A training and qualification program for nuclear criticality safety technical staff personnel has been developed and implemented. The program is compliant with requirements and provides evidence that a systematic approach has been taken to indoctrinate new technical staff. Development involved task analysis to determine activities where training was necessary and the standard which must be attained to qualify. Structured mentoring is used where experienced personnel interact with candidates using checksheets to guide candidates through various steps and to provide evidence that steps have been accomplished. Credit can be taken for the previous experience of personnel by means of evaluation boards which can credit or modify checksheet steps. Considering just the wealth of business practice and site specific information a new person at a facility needs to assimilate, the program has been effective in indoctrinating new technical staff personnel and integrating them into a productive role. The program includes continuing training

  12. Concepts and techniques: Active electronics and computers in safety-critical accelerator operation

    International Nuclear Information System (INIS)

    Frankel, R.S.

    1995-01-01

    The Relativistic Heavy Ion Collider (RHIC) under construction at Brookhaven National Laboratory, requires an extensive Access Control System to protect personnel from Radiation, Oxygen Deficiency and Electrical hazards. In addition, the complicated nature of operation of the Collider as part of a complex of other Accelerators necessitates the use of active electronic measurement circuitry to ensure compliance with established Operational Safety Limits. Solutions were devised which permit the use of modern computer and interconnections technology for Safety-Critical applications, while preserving and enhancing, tried and proven protection methods. In addition a set of Guidelines, regarding required performance for Accelerator Safety Systems and a Handbook of design criteria and rules were developed to assist future system designers and to provide a framework for internal review and regulation

  13. Concepts and techniques: Active electronics and computers in safety-critical accelerator operation

    Energy Technology Data Exchange (ETDEWEB)

    Frankel, R.S.

    1995-12-31

    The Relativistic Heavy Ion Collider (RHIC) under construction at Brookhaven National Laboratory, requires an extensive Access Control System to protect personnel from Radiation, Oxygen Deficiency and Electrical hazards. In addition, the complicated nature of operation of the Collider as part of a complex of other Accelerators necessitates the use of active electronic measurement circuitry to ensure compliance with established Operational Safety Limits. Solutions were devised which permit the use of modern computer and interconnections technology for Safety-Critical applications, while preserving and enhancing, tried and proven protection methods. In addition a set of Guidelines, regarding required performance for Accelerator Safety Systems and a Handbook of design criteria and rules were developed to assist future system designers and to provide a framework for internal review and regulation.

  14. Criticality safety criteria for the handling, storage, and transportation of LWR fuel outside reactors: ANS-8.17-1984

    International Nuclear Information System (INIS)

    Whitesides, G.E.

    1991-01-01

    The potential for criticality accidents during the handling, storage, and transportation of fuel for nuclear reactors represents a health and safety risk to personnel involved in these activities, as well as to the general public. Appropriate design of equipment and facilities, handling procedures, and personnel training can minimize this risk. Even though the focus of the American National Standard, Nuclear Criticality Safety in Operations with Fissionable Materials Outside Reactors, ANSI/ANS-8.1-1983, is general criteria for the ensurance of criticality safety, Standard ANS-8.17-1984 provides additional guidance applicable to handling, storage, and transportation of light water reactor (LWR) nuclear fuel units in any phase of the fuel cycle outside the reactor core. The intended application of the standard focused on the criticality safety considerations in the design of facilities or operations in fuel cycle facilities where the fissile material is in the form of rods or assemblies of rods. The standard consists of two major sections. The first provides general safety criteria. The second major section provides the criteria to establish subcriticality. In performing criticality safety evaluations, it is necessary to ensure consideration of the most reactive credible conditions based on the fuel design procedures, and moderation and reflection conditions

  15. Quantification of Safety-Critical Software Test Uncertainty

    International Nuclear Information System (INIS)

    Khalaquzzaman, M.; Cho, Jaehyun; Lee, Seung Jun; Jung, Wondea

    2015-01-01

    The method, conservatively assumes that the failure probability of a software for the untested inputs is 1, and the failure probability turns in 0 for successful testing of all test cases. However, in reality the chance of failure exists due to the test uncertainty. Some studies have been carried out to identify the test attributes that affect the test quality. Cao discussed the testing effort, testing coverage, and testing environment. Management of the test uncertainties was discussed in. In this study, the test uncertainty has been considered to estimate the software failure probability because the software testing process is considered to be inherently uncertain. A reliability estimation of software is very important for a probabilistic safety analysis of a digital safety critical system of NPPs. This study focused on the estimation of the probability of a software failure that considers the uncertainty in software testing. In our study, BBN has been employed as an example model for software test uncertainty quantification. Although it can be argued that the direct expert elicitation of test uncertainty is much simpler than BBN estimation, however the BBN approach provides more insights and a basis for uncertainty estimation

  16. Collegiate Aviation Research and Education Solutions to Critical Safety Issues. UNO Aviation Monograph Series. UNOAI Report.

    Science.gov (United States)

    Bowen, Brent, Ed.

    This document contains four papers concerning collegiate aviation research and education solutions to critical safety issues. "Panel Proposal Titled Collegiate Aviation Research and Education Solutions to Critical Safety Issues for the Tim Forte Collegiate Aviation Safety Symposium" (Brent Bowen) presents proposals for panels on the…

  17. Guidelines for preparing criticality safety evaluations at Department of Energy non-reactor nuclear facilities

    International Nuclear Information System (INIS)

    1993-11-01

    This document contains guidelines that should be followed when preparing Criticality Safety Evaluations that will be used to demonstrate the safety of operations performed at DOE non-reactor nuclear facilities. Adherence to these guidelines will provide consistency and uniformity in criticality safety evaluations (CSEs) across the complex and will document compliance with the requirements of DOE Order 5480.24

  18. Credit to fuel burnup for criticality safety evaluations in Spain

    International Nuclear Information System (INIS)

    Conde, J.M.; Recio, M.

    1998-01-01

    The status of development of burnup credit for criticality safety analyses in Spain is described in this paper. Ongoing activities in the country in this field, both national and international, are resumed. Burnup credit is currently being applied to wet storage of PWR fuel, and credit to integral burnable absorbers is given for BWR fuel storage. It is envisaged to apply burnup credit techniques to the new generation of transport casks now in the design phase. The analysis methodologies submitted for the analyses of PWR and BWR fuel wet storage are outlined. Analysis characteristics specific to burnup credit are described, namely the need to increase the experimental data to allow for a more detailed validation of the depletion codes, and of the criticality codes when applied to spent fuel. Reactivity effects that arise in burnup credit analysis, such as axial and radial effects, fuel irradiation history and others are revised. The methods used to address them in the approved methodologies are outlined. Finally, the regulatory approach used to accept these new analytical methodologies is described. (author)

  19. Handbook on criticality. Vol. 1. Criticality and nuclear safety; Handbuch zur Kritikalitaet. Bd. 1. Kritikalitaet und nukleare Sicherheit

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    2015-04-15

    This handbook was prepared primarily with the aim to provide information to experts in industry, authorities or research facilities engaged in criticality-safety-related problems that will allow an adequate and rapid assessment of criticality safety issues already in the planning and preparation of nuclear facilities. However, it is not the intention of the authors of the handbook to offer ready solutions to complex problems of nuclear safety. Such questions have to remain subject to an in-depth analysis and assessment to be carried out by dedicated criticality safety experts. Compared with the previous edition dated December 1998, this handbook has been further revised and supplemented. The proven basic structure of the handbook remains unchanged. The handbook follows in some ways similar criticality handbooks or instructions published in the USA, UK, France, Japan and the former Soviet Union. The expedient use of the information given in this handbook requires a fundamental understanding of criticality and the terminology of nuclear safety. In Vol. 1, "Criticality and Nuclear Safety", therefore, first the most important terms and fundamentals are introduced and explained. Subsequently, experimental techniques and calculation methods for evaluating criticality problems are presented. The following chapters of Vol. 1 deal i. a. with the effect of neutron reflectors and absorbers, neutron interaction, measuring methods for criticality, and organisational safety measures and provide an overview of criticality-relevant operational experience and of criticality accidents and their potential hazardous impact. Vol. 2 parts 1 and 2 finally compile criticality parameters in graphical and tabular form. The individual graph sheets are provided with an initially explained set of identifiers, to allow the quick finding of the information of current interest. Part 1 includes criticality parameters for systems with ²³⁵U as fissile material, while part

  20. Accomplishment of 10-year research in NUCEF and future development. Criticality safety research

    International Nuclear Information System (INIS)

    Miyoshi, Yoshinori

    2005-01-01

    Since 1995, static and transient critical experiments on low enriched uranyl nitrate solution have been performed using two solution type criticality facilities, STACY and TRACY constructed in NUCEF. The obtained fundamental and systematic data on aqueous solution were used to validate the criticality safety calculation codes and to develop the transient analyses codes for criticality accident evaluation. This paper describes the outline of the criticality safety research conducted in NUCEF. (author)

  1. Analysis of Critical Characteristics for Safety Graded Personnel Computers in the KNICS Architecture

    International Nuclear Information System (INIS)

    Lee, Hyun Chul; Lee, Dong Young

    2009-01-01

    Critical characteristics analysis of a safety related item is to identify characteristics to be verified to replace an original item with the dedicated item. It is sure that the dedicated item meeting critical characteristics would perform its intended safety function instead of the specified item. KNICS project developed two safety systems: IDiPS RPS (Reactor Protection System) and IDiPS ESF-CCS (Engineered Safety Features-Component Control System). Two safety systems of IDiPS are equipped with personnel computers, so-called COMs (Cabinet Operator Modules), in their cabinets. The personnel computers, COMs, are responsible for safety system monitoring, testing, and maintaining. Even though two safety systems are safety critical system, the personnel computers of two systems, i.e. COMs, are not graded as safety-graded items. Regulation requirements are expected to be strengthened, and the functions of the personnel computer may be enhanced to include safety-related functions and safety functions, it would be necessary that the grade of the personnel computers is adjusted to a higher level, the safety grade. To try to upgrade a non safety system, i.e. COMs, to a safety system, its safety functions and requirements, i.e. critical characteristics, must be identified and verified. This paper describes the process of the identification of critical characteristics and the results of analysis

  2. Propagation of Isotopic Bias and Uncertainty to Criticality Safety Analyses of PWR Waste Packages

    Energy Technology Data Exchange (ETDEWEB)

    Radulescu, Georgeta [ORNL

    2010-06-01

    predicted spent fuel compositions (i.e., determine the penalty in reactivity due to isotopic composition bias and uncertainty) for use in disposal criticality analysis employing burnup credit. The method used in this calculation to propagate the isotopic bias and bias-uncertainty values to k_eff is the Monte Carlo uncertainty sampling method. The development of this report is consistent with 'Test Plan for: Isotopic Validation for Postclosure Criticality of Commercial Spent Nuclear Fuel'. This calculation report has been developed in support of burnup credit activities for the proposed repository at Yucca Mountain, Nevada, and provides a methodology that can be applied to other criticality safety applications employing burnup credit.

  3. Safety requirements applicable to the SMART design

    International Nuclear Information System (INIS)

    Seul, Kwang Won; Kim, Wee Kyong; Kim, Hho Jung

    1999-01-01

    The 330 MW thermal power of integral reactor, named SMART (System integrated Modular Advanced ReacTor), is under development at KAERI for seawater desalination application and electricity generation. The final product of nuclear desalination plant (NDP) is electricity and fresh water. Thus, in addition to the protection of the public around the plant facility from the possible release of radioactive materials, the fresh water should be prevented from radioactivity contamination. In this study, to ensure the safety of SMART reactor in the early stage of design development, the safety requirements applicable to the SMART design were investigated, based on the current regulatory requirements for the existing NPPs and the advanced light water reactor (LWR) designs. The interface requirements related to the desalination facility were also investigated, based on the recent IAEA research activities pertaining to the NDP. As a result, it was found that the current regulatory requirements and guidance for the existing NPPs and advanced LWR designs are applicable to the SMART design and its safety evaluation. However, the safety requirements related to the SMART-specific design and the desalination plant are needed to develop in the future to assure the safety of the SMART reactor

  4. Natural Language Interface for Safety Certification of Safety-Critical Software

    Science.gov (United States)

    Denney, Ewen; Fischer, Bernd

    2011-01-01

    Model-based design and automated code generation are being used increasingly at NASA. The trend is to move beyond simulation and prototyping to actual flight code, particularly in the guidance, navigation, and control domain. However, there are substantial obstacles to more widespread adoption of code generators in such safety-critical domains. Since code generators are typically not qualified, there is no guarantee that their output is correct, and consequently the generated code still needs to be fully tested and certified. The AutoCert generator plug-in supports the certification of automatically generated code by formally verifying that the generated code is free of different safety violations, by constructing an independently verifiable certificate, and by explaining its analysis in a textual form suitable for code reviews.

  5. ADAS applications for improving traffic safety

    NARCIS (Netherlands)

    Lu, M.; Wevers, K.; Heijden, R.E.C.M. van der; Heijer, T.

    2004-01-01

    Governments in several European countries, and the EU have set challenging targets for the improvement of road traffic safety by the year 2010. In the Netherlands a program for infrastructure measures was launched, to meet the Dutch targets. The ongoing developments in the field of ITS applications

  6. The Criticality Safety Information Resource Center (CSIRC) at Los Alamos National Laboratory

    Energy Technology Data Exchange (ETDEWEB)

    Henderson, B.D.; Meade, R.A.; Pruvost, N.L.

    1999-09-20

    The Criticality Safety Information Resource Center (CSIRC) at Los Alamos National Laboratory (LANL) is a program jointly funded by the U.S. Department of Energy (DOE) and the U.S. Nuclear Regulatory Commission (NRC) in conjunction with the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 97-2. The goal of CSIRC is to preserve primary criticality safety documentation from U.S. critical experimental sites and to make this information available for the benefit of the technical community. Progress in archiving criticality safety primary documents at the LANL archives as well as efforts to make this information available to researchers are discussed. The CSIRC project has a natural linkage to the International Criticality Safety Benchmark Evaluation Project (ICSBEP). This paper raises the possibility that the CSIRC project will evolve in a fashion similar to the ICSBEP. Exploring the implications of linking the CSIRC to the international criticality safety community is the motivation for this paper.

  7. The Criticality Safety Information Resource Center (CSIRC) at Los Alamos National Laboratory

    International Nuclear Information System (INIS)

    Henderson, B.D.; Meade, R.A.; Pruvost, N.L.

    1999-01-01

    The Criticality Safety Information Resource Center (CSIRC) at Los Alamos National Laboratory (LANL) is a program jointly funded by the U.S. Department of Energy (DOE) and the U.S. Nuclear Regulatory Commission (NRC) in conjunction with the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 97-2. The goal of CSIRC is to preserve primary criticality safety documentation from U.S. critical experimental sites and to make this information available for the benefit of the technical community. Progress in archiving criticality safety primary documents at the LANL archives as well as efforts to make this information available to researchers are discussed. The CSIRC project has a natural linkage to the International Criticality Safety Benchmark Evaluation Project (ICSBEP). This paper raises the possibility that the CSIRC project will evolve in a fashion similar to the ICSBEP. Exploring the implications of linking the CSIRC to the international criticality safety community is the motivation for this paper

  8. The Criticality Safety Information Resource Center at Los Alamos National Laboratory

    Energy Technology Data Exchange (ETDEWEB)

    Henderson, B.D.; Meade, R.A. [Los Alamos National Lab., NM (United States); Pruvost, N.L. [Galaxy Computer Services, Inc., Santa Fe, NM (United States)

    1997-05-01

    The mission of the Criticality Safety Information Resource Center (CSIRC) at Los Alamos National Laboratory (LANL) is the preservation of primary documentation supporting criticality safety. In many cases, but not all, this primary documentation consists of experimentalists' logbooks. Experience has shown that the logbooks and other primary information are vulnerable to being discarded. Destruction of these logbooks results in a permanent loss to the criticality safety community.

  9. Nuclear criticality safety calculational analysis for small-diameter containers

    International Nuclear Information System (INIS)

    LeTellier, M.S.; Smallwood, D.J.; Henkel, J.A.

    1995-11-01

    This report documents calculations performed to establish a technical basis for the nuclear criticality safety of favorable geometry containers, sometimes referred to as 5-inch containers, in use at the Portsmouth Gaseous Diffusion Plant. A list of containers currently used in the plant is shown in Table 1.0-1. These containers are currently used throughout the plant with no mass limits. The use of containers with geometries or material types other than those addressed in this evaluation must be bounded by this analysis or have an additional analysis performed. The following five basic container geometries were modeled and bound all container geometries in Table 1.0-1: (1) 4.32-inch-diameter by 50-inch-high polyethylene bottle; (2) 5.0-inch-diameter by 24-inch-high polyethylene bottle; (3) 5.25-inch-diameter by 24-inch-high steel can ("F-can"); (4) 5.25-inch-diameter by 15-inch-high steel can ("Z-can"); and (5) 5.0-inch-diameter by 9-inch-high polybottle ("CO-4"). Each container type is evaluated using five basic reflection and interaction models that include single containers and multiple containers in normal and in credible abnormal conditions. The uranium materials evaluated are UO2F2+H2O and UF4+oil materials at 100% and 10% enrichments and U3O8, and H2O at 100% enrichment. The design basis safe criticality limit for the Portsmouth facility is k_eff + 2σ < 0.95. The KENO study results may be used as the basis for evaluating general use of these containers in the plant

  10. A study on the quantitative evaluation of the reliability for safety critical software using Bayesian belief nets

    International Nuclear Information System (INIS)

    Eom, H. S.; Jang, S. C.; Ha, J. J.

    2003-01-01

    Despite the efforts to avoid undesirable risks, or at least to bring them under control in the world, new risks that are highly difficult to manage continue to emerge from the use of new technologies, such as the use of digital instrumentation and control (I&C) components in nuclear power plant. Whenever new risk issues came out by now, we have endeavored to find the most effective ways to reduce risks, or to allocate limited resources to do this. One of the major challenges is the reliability analysis of safety-critical software associated with digital safety systems. Though many activities such as testing, verification and validation (V&V) techniques have been carried out in the design stage of software, however, the process of quantitatively evaluating the reliability of safety-critical software has not yet been developed because of the irrelevance of the conventional software reliability techniques to apply for the digital safety systems. This paper focuses on the applicability of Bayesian Belief Net (BBN) techniques to quantitatively estimate the reliability of safety-critical software adopted in digital safety system. In this paper, a typical BBN model was constructed using the dedication process of the Commercial-Off-The-Shelf (COTS) installed by KAERI. In conclusion, the adoption of BBN technique can facilitate the process of evaluating the safety-critical software reliability in nuclear power plant, as well as provide very useful information (e.g., 'what if' analysis) associated with software reliability in the viewpoint of practicality

  11. Criticality Safety Information Resource Center Web portal: www.csirc.net

    International Nuclear Information System (INIS)

    Harmon, C.D. II; Jones, T.

    2000-01-01

    The Nuclear Criticality Safety Group (ESH-6) at Los Alamos National Laboratory (LANL) is in the process of collecting and archiving historical and technical information related to nuclear criticality safety from LANL and other facilities. In an ongoing effort, this information is being made available via the Criticality Safety Information Resource Center (CSIRC) web site, which is hosted and maintained by ESH-6 staff. Recently, the CSIRC Web site was recreated as a Web portal that provides the criticality safety community with much more than just archived data

  12. Integrated Design and Analysis Environment for Safety Critical Human-Automation Systems Project

    Data.gov (United States)

    National Aeronautics and Space Administration — Flight deck systems, like many safety critical systems, often involve complex interactions between multiple human operators, automated subsystems, and physical...

  13. Nuclear criticality safety staff training and qualifications at Los Alamos National Laboratory

    International Nuclear Information System (INIS)

    Monahan, S.P.; McLaughlin, T.P.

    1997-01-01

    Operations involving significant quantities of fissile material have been conducted at Los Alamos National Laboratory continuously since 1943. Until the advent of the Laboratory's Nuclear Criticality Safety Committee (NCSC) in 1957, line management had sole responsibility for controlling criticality risks. From 1957 until 1961, the NCSC was the Laboratory body which promulgated policy guidance as well as some technical guidance for specific operations. In 1961 the Laboratory created the position of Nuclear Criticality Safety Office (in addition to the NCSC). In 1980, Laboratory management moved the Criticality Safety Officer (and one other LACEF staff member who, by that time, was also working nearly full-time on criticality safety issues) into the Health Division office. Later that same year the Criticality Safety Group, H-6 (at that time) was created within H-Division, and staffed by these two individuals. The training and education of these individuals in the art of criticality safety was almost entirely self-regulated, depending heavily on technical interactions between each other, as well as NCSC, LACEF, operations, other facility, and broader criticality safety community personnel. Although the Los Alamos criticality safety group has grown both in size and formality of operations since 1980, the basic philosophy that a criticality specialist must be developed through mentoring and self motivation remains the same. Formally, this philosophy has been captured in an internal policy document, "Conduct of Business in the Nuclear Criticality Safety Group." There are no short cuts or substitutes in the development of a criticality safety specialist. A person must have a self-motivated personality, excellent communications skills, a thorough understanding of the principles of neutron physics, a safety-conscious and helpful attitude, a good perspective of real risk, as well as a detailed understanding of process operations and credible upsets

  14. An evaluation of safety-critical Java on a Java processor

    DEFF Research Database (Denmark)

    Rios Rivas, Juan Ricardo; Schoeberl, Martin

    2014-01-01

    The safety-critical Java (SCJ) specification provides a restricted set of the Java language intended for applications that require certification. In order to test the specification, implementations are emerging and the need to evaluate those implementations in a systematic way is becoming important....... In this paper we evaluate our SCJ implementation which is based on the Java Optimized Processor JOP and we measure different performance and timeliness criteria relevant to hard real-time systems. Our implementation targets Level 0 and Level 1 of the specification and to test it we use a series of micro...

  15. Nuclear critical safety analysis for UX-30 transport of freight package

    International Nuclear Information System (INIS)

    Quan Yanhui; Zhou Qi; Yin Shenggui

    2014-01-01

    The nuclear critical safety analysis and evaluation for UX-30 transport freight package in the natural condition and accident condition were carried out with MONK-9A code and MCNP code. Firstly, the critical benchmark experiment data of public in international were selected, and the deflection and subcritical limiting value with MONK-9A code and MCNP code in calculating same material form were validated and confirmed. Secondly, the neutron efficiency multiplication factors in the natural condition and accident condition were calculated and analyzed, and the safety in transport process was evaluated by taking conservative suppose of nuclear critical safety. The calculation results show that the max value of k_eff for UX-30 transport freight package is less than the subcritical limiting value, and the UX-30 transport freight package is in the state of subcritical safety. Moreover, the critical safety index (CSI) for UX-30 package can define zero based on the definition of critical safety index. (authors)

  16. Hardware aspects of safety critical digital computer based instrumentation and control systems

    International Nuclear Information System (INIS)

    Sudduth, A.L.

    1994-01-01

    During the last 20 years, instrumentation and control systems based on digital computer technology have come to be used widely throughout industry. Included are applications that are of a safety critical nature - that is, where the consequences of failure of a device or system could have substantial adverse impact on the public. The successful application of digital computer technology in the aerospace and process industries for monitoring and control, and the benefits that this technology offers when compared to the analog technology of 25 years ago, require that consideration be given to the more widespread application of digital computer technology in US nuclear stations as obsolete monitoring and control systems are replaced. The purpose of this paper is to examine hardware aspects of safety critical digital control and instrumentation systems. It will discuss how to achieve adequate measures of system reliability and how to ensure that the required level to reliability is achieved. Special techniques for design of the hardware architecture of a digital computer based monitoring and control system that are able to make the system single or even double failure proof are discussed. Examples of hardware architectures which achieve high reliability are given, including those currently in use in US nuclear stations or expected to be applied in the future

  17. Modeling the critical safety functions status tree of a NPP using FPGA

    International Nuclear Information System (INIS)

    Farias, Marcos Santana; Oliveira, Mauro Vitor de; Jaime, Guilherme Dutra Gonzaga; Almeida, Jose Carlos Soares de; Augusto, Silas Cordeiro

    2013-01-01

    Field Programmable Gate Arrays (FPGAs) based systems and equipment are beginning to appear in new plants I&C applications, as well as in retrofits for operating plants, in particular for safety applications due to their capability to face the systems obsolescence since they are circuit independent. The circuits implemented can be portable to different FPGAs architectures. Moreover, they reduce complexity for regulatory approval as compared to conventional microprocessor-based systems. Critical safety function (CSF) is the most significant design concept for prioritize operator actions for NPP based on the potential threat to the three barriers (fuel cladding, primary coolant system boundary, and containment) and allows the operator to respond to these threats prior to event diagnosis. CSF has a hierarchical information structure that organizes the system variables affecting the plant safety in terms of goal-means relations. This paper describes the application of FPGA in the implementation of the CSFs status tree logic for a Westinghouse 3-loops NPP simulator. (author)

  18. Nuclear Safety Design Base for License Application

    Energy Technology Data Exchange (ETDEWEB)

    R.J. Garrett

    2005-09-29

    The purpose of this report is to identify and document the nuclear safety design requirements that are specific to structures, systems, and components (SSCs) of the repository that are important to safety (ITS) during the preclosure period and to support the preclosure safety analysis and the license application for the high-level radioactive waste (HLW) repository at Yucca Mountain, Nevada. The scope of this report includes the assignment of nuclear safety design requirements to SSCs that are ITS and does not include the assignment of design requirements to SSCs or natural or engineered barriers that are important to waste isolation (ITWI). These requirements are used as input for the design of the SSCs that are ITS such that the preclosure performance objectives of 10 CFR 63.111(b) [DIRS 173273] are met. The natural or engineered barriers that are important to meeting the postclosure performance objectives of 10 CFR 63.113(b) and (c) [DIRS 173273] are identified as ITWI. Although a structure, system, or component (SSC) that is ITS may also be ITWI, this report is only concerned with providing the nuclear safety requirements for SSCs that are ITS to prevent or mitigate event sequences during the repository preclosure period.

  19. NUCLEAR SAFETY DESIGN BASES FOR LICENSE APPLICATION

    Energy Technology Data Exchange (ETDEWEB)

    R.J. Garrett

    2005-03-08

    The purpose of this report is to identify and document the nuclear safety design requirements that are specific to structures, systems, and components (SSCs) of the repository that are important to safety (ITS) during the preclosure period and to support the preclosure safety analysis and the license application for the high-level radioactive waste (HLW) repository at Yucca Mountain, Nevada. The scope of this report includes the assignment of nuclear safety design requirements to SSCs that are ITS and does not include the assignment of design requirements to SSCs or natural or engineered barriers that are important to waste isolation (ITWI). These requirements are used as input for the design of the SSCs that are ITS such that the preclosure performance objectives of 10 CFR 63.111 [DIRS 156605] are met. The natural or engineered barriers that are important to meeting the postclosure performance objectives of 10 CFR 63.113 [DIRS 156605] are identified as ITWI. Although a structure, system, or component (SSC) that is ITS may also be ITWI, this report is only concerned with providing the nuclear safety requirements for SSCs that are ITS to prevent or mitigate event sequences during the repository preclosure period.

  20. Consensus standards utilized and implemented for nuclear criticality safety in Japan

    International Nuclear Information System (INIS)

    Nomura, Yasushi; Okuno, Hiroshi; Naito, Yoshitaka

    1996-01-01

    The fundamental framework for the criticality safety of nuclear fuel facilities regulations is, in many advanced countries, generally formulated so that technical standards or handbook data are utilized to support the licensing safety review and to implement its guidelines. In Japan also, adequacy of the safety design of nuclear fuel facilities is checked and reviewed on the basis of licensing safety review guides. These guides are, first, "The Basic Guides for Licensing Safety Review of Nuclear Fuel Facilities," and as its subsidiaries, "The Uranium Fuel Fabrication Facility Licensing Safety Review Guides" and "The Reprocessing Facility Licensing Safety Review Guides." The "Nuclear Criticality Safety Handbook" of Japan and the Technical Data Collection are published and utilized to supply related data and information for the licensing safety review, such as for the Rokkasho reprocessing plant. The well-established technical standards and data abroad such as those by the American Nuclear Society and the American National Standards Institute are also utilized to complement the standards in Japan. The basic principles of criticality safety control for nuclear fuel facilities in Japan are duly stipulated in the aforementioned basic guides as follows: 1. Guide 10: Criticality control for a single unit; 2. Guide 11: Criticality control for multiple units; 3. Guide 12: Consideration for a criticality accident

  1. Design of Mixed-Criticality Applications on Distributed Real-Time Systems

    DEFF Research Database (Denmark)

    Tamas-Selicean, Domitian

    to be developed and certified according to the highest criticality level, dramatically increasing the development costs. In this thesis we consider mixed-criticality real-time applications implemented on distributed partitioned architectures. Partitioned architectures use temporal and spatial separation...... the concept of virtual links, and temporal separation, enforced through schedule tables for TT messages and bandwidth allocation for RC messages. The objective of this thesis is to develop methods and tools for distributed mixed-criticality real-time systems. At the processor level, we are interested......A mixed-criticality system implements applications of different safety-criticality levels onto the same platform. In such cases, the certification standards require that applications of different criticality levels are protected so they cannot influence each other. Otherwise, all tasks have...

  2. Overview of the activities of the OECD/NEA/NSC working party on nuclear criticality safety

    International Nuclear Information System (INIS)

    Nouri, A.; Blomquist, R.; Bradyraap, M.; Briggs, B.; Cousinou, P.; Nomura, Y.; Weber, W.

    2003-01-01

    The OECD Nuclear Energy Agency (NEA) started dealing with criticality-safety related subjects back in the seventies. In the mid-nineties, several activities related to criticality-safety were grouped together into the Working Party on Nuclear Criticality Safety. This working party has since been operating and reporting to the Nuclear Science Committee. Six expert groups co-ordinate various activities ranging from experimental evaluations to code and data inter-comparisons for the study of static and transient criticality behaviours. The paper describes current activities performed in this framework and the achievements of the various expert groups. (author)

  3. Critical incidents related to cardiac arrests reported to the Danish Patient Safety Database

    DEFF Research Database (Denmark)

    Andersen, Peter Oluf; Maaløe, Rikke; Andersen, Henning Boje

    2010-01-01

    Background Critical incident reports can identify areas for improvement in resuscitation practice. The Danish Patient Safety Database is a mandatory reporting system and receives critical incident reports submitted by hospital personnel. The aim of this study is to identify, analyse and categorize...... critical incidents related to cardiac arrests reported to the Danish Patient Safety Database. Methods The search terms “cardiac arrest” and “resuscitation” were used to identify reports in the Danish Patient Safety Database. Identified critical incidents were then classified into categories. Results One...

  4. Guidelines for preparing criticality safety evaluations at Department of Energy non-reactor nuclear facilities

    Energy Technology Data Exchange (ETDEWEB)

    NONE

    1998-09-01

    This Department of Energy (DOE) is approved for use by all components of DOE. It contains guidelines that should be followed when preparing Criticality Safety Evaluations that will be used to demonstrate the safety of operations performed at DOE Non-Reactor Nuclear Facilities. Adherence with these guidelines will provide consistency and uniformity in Criticality Safety Evaluations (CSEs) across the complex and will document compliance with DOE Order 5480.24 requirements as they pertain to CSEs.

  5. The effect of leadership behaviours on followers’ experiences and expectations in a safety-critical industry

    Directory of Open Access Journals (Sweden)

    Christiaan G. Joubert

    2017-04-01

    Background: Motivation for this study was found in concern expressed by civil aviation organisations that specialists in the air navigation services provider sector require appropriate and beneficial organisational leadership to encourage, enable and manage transformation within this highly structured setting. Also, academic research puts emphasis on a need for investigations of the roles, expectations and requirements of followers in the leadership–followership relationship. Followers’ experiences and expectations of leadership behaviours in an air navigation service provider (ANSP) organisation were investigated and served as orientation and setting applicable to this study. Aim: The aim of the research was to identify and understand how follower experiences and expectations of leadership behaviours in a safety-critical commercial environment can affect leadership training and growth. The above-mentioned motivated this investigation of leadership traits and behaviours within an explicit context and from a follower’s viewpoint. Setting: The setting for the study was twenty two Air Traffic and Navigation Services Company sites where followers’ experiences and expectations of leadership behaviours in an air navigation service provider (ANSP) organisation were investigated and served as orientation and setting applicable to this study. Methods: An ethnographic case study research style was adopted and followed because it allowed for an all-inclusive, holistic narrative report and interpretation. The samples for the quantitative and qualitative components of this study were parallel and methods employed addressed different aspects of the phenomenon, which allowed for a mixed methods research design. A one-way causality in the research design was observed because traits of followers that might influence leaders’ behaviours were excluded. Data were collected by means of a Leader Trait and Behaviour Questionnaire completed by participants

  6. Nuclear criticality safety 2005 and 2006. Monitoring, follow-up and communication

    International Nuclear Information System (INIS)

    Mennerdahl, Dennis

    2007-03-01

    A number of selected issues have dominated during 2005 and 2006. These include development of models for realism based on physics (not only statistics and praxis), criteria for criticality safety, regulations and standards, burnup credit, determination of source convergence in calculations, substantial improvements in calculation methods, validation of those methods, etc. In spite of some criticism against certain parts of the NRC FCSS/ISG-10, it is an important document. It should support both authorities and utilities to determine adequate safety margins. To a large extent, the principles that have been applied in Sweden since the 1970's are supported. The extra safety margin (MMS or $\Delta k_m$) that protects against unknown uncertainties in $k_{eff}$ should be related to the known uncertainty. In Sweden this has been achieved by limitation of the total, statistically determined standard deviation to 0.01. In addition, FCSS/ISG-10 supports the principle of using different values of $\Delta k_m$ for normal situations than for design basis incidents (must have very low probabilities). In Sweden, $\Delta k_m$ has been included in the design limits that have been 0.95 for normal scenarios and 0.98 for incident scenarios. The corresponding values of $\Delta k_m$ are 0.05 and 0.02. They are exactly the same values as are mentioned in FCSS/ISG-10. The recently issued SCALE 5.1 is very important for burnup credit. Similar capabilities have been available in Sweden, in the form of CASMO, PHOENIX and their predecessor BUXY, for more than 30 years. SCALE 5.1 makes reactor calculations available in a procedure that is easily accessible to specialists on criticality safety. The physics simulation of the irradiation (Monte Carlo through KENO in 3-D or deterministic through NEWT in 2-D) becomes much more realistic with SCALE 5.1 than with earlier versions. A very important project is the OECD/NEA study on reference values for criticality safety. The final report has now been distributed. Among other issues

  7. Criticality Safety Evaluation of Hanford Site High-Level Waste Storage Tanks

    International Nuclear Information System (INIS)

    ROGERS, C.A.

    2000-01-01

    This criticality safety evaluation covers operations for waste in underground storage tanks at the high-level waste tank farms on the Hanford site. This evaluation provides the bases for criticality safety limits and controls to govern receipt, transfer, and long-term storage of tank waste. Justification is provided that a nuclear criticality accident cannot occur for tank farms operations, based on current fissile material and operating conditions

  8. American National Standard administrative practices for nuclear criticality safety, ANSI/ANS-8.19

    International Nuclear Information System (INIS)

    Smith, D.R.; Carson, R.W.

    1991-01-01

    American National Standard Administrative Practices for Nuclear Criticality Safety, ANSI/ANS-8.19, provides guidance for the administration of an effective program to control the risk of nuclear criticality in operations with fissile material outside reactors. The several sections of the standard address the responsibilities of management, supervisory personnel, and the criticality safety staff, as well as requirements and suggestions for the content of operating procedures, process evaluations, material control procedures, and emergency procedures

  9. Criticality Safety Evaluation of Hanford Site High Level Waste Storage Tanks

    Energy Technology Data Exchange (ETDEWEB)

    ROGERS, C.A.

    2000-02-17

    This criticality safety evaluation covers operations for waste in underground storage tanks at the high-level waste tank farms on the Hanford site. This evaluation provides the bases for criticality safety limits and controls to govern receipt, transfer, and long-term storage of tank waste. Justification is provided that a nuclear criticality accident cannot occur for tank farms operations, based on current fissile material and operating conditions.

  10. SRTC criticality safety technical review: Phase 1 criticality analysis for the 9972-9975 family of shipping casks: (SRT-CMA-940003)

    International Nuclear Information System (INIS)

    Rathbun, R.

    1994-01-01

    Review of SRT-CMA-940003, "Phase I Criticality Analysis For The 9972-9975 Family Of Shipping Casks (U). (SRT-CMA-940003)." January 22, 1994, has been performed by the SRTC Applied Physics Group. The NCSE is a criticality assessment of the 9972-9975 family of shipping casks. This work is a follow-on of a previous criticality safety evaluation; the differences between this and the previous evaluation are that wall tolerances are now modeled and more sophisticated analytical methods are applied. The NCSE under review concludes that, with one exception, the previously specified plutonium and uranium mass limits for the 9972-9975 family of shipping casks do ensure that WSRC Nuclear Criticality Safety Manual requirements (ref. 1) are satisfied. The one exception is that the plutonium mass limit for the 9974 cask had to be reduced from 4.4 to 4.3 kg. In contrast, the 7.5 kg uranium mass limit for the 9974 cask was raised to 14.5 kg, making the uranium mass identical for all casks in this family. This technical review consisted of an independent check of the methods and models employed, application of ANSI/ANS 8.1 and 8.15, and verification of WSRC Nuclear Criticality Safety Manual procedures

  11. Writing robust C++ code for critical applications

    CERN Multimedia

    CERN. Geneva

    2015-01-01

    C++ is one of the most complex, expressive and powerful languages out there. However, its complexity makes it hard to write robust code. When using C++ to code critical applications, ensuring reliability is one of the key topics. Testing, debugging and profiling are all a major part of this kind of work. In the BE department we use C++ to write a big part of the controls system for beam operation, which implies putting a big focus on system stability and ensuring smooth operation. This talk will try to:
    - Highlight potential problems when writing C++ code, giving guidelines on writing defensive code that could have avoided such issues
    - Explain how to avoid common pitfalls (both in writing C++ code and at the debugging & profiling phase)
    - Showcase some tools and tricks useful to C++ development
    The attendees' proficiency in C++ should not be a concern. Anyone is free to join, even people that do not know C++, if only to learn the pitfalls a language may have. This may benefit f...

  12. Static and Dynamic Verification of Critical Software for Space Applications

    Science.gov (United States)

    Moreira, F.; Maia, R.; Costa, D.; Duro, N.; Rodríguez-Dapena, P.; Hjortnaes, K.

    Space technology is no longer used only for much specialised research activities or for sophisticated manned space missions. Modern society relies more and more on space technology and applications for everyday activities. Worldwide telecommunications, Earth observation, navigation and remote sensing are only a few examples of space applications on which we rely daily. The European driven global navigation system Galileo and its associated applications, e.g. air traffic management, vessel and car navigation, will significantly expand the already stringent safety requirements for space based applications. Apart from their usefulness and practical applications, every single piece of onboard software deployed into space represents an enormous investment. With a long lifetime operation and being extremely difficult to maintain and upgrade, at least when compared with "mainstream" software development, the importance of ensuring their correctness before deployment is immense. Verification & Validation techniques and technologies have a key role in ensuring that the onboard software is correct and error free, or at least free from errors that can potentially lead to catastrophic failures. Many RAMS techniques including both static criticality analysis and dynamic verification techniques have been used as a means to verify and validate critical software and to ensure its correctness. But, traditionally, these have been applied in isolation. One of the main reasons is the immaturity of this field as concerns its application to the increasing software product(s) within space systems. This paper presents an innovative way of combining both static and dynamic techniques exploiting their synergy and complementarity for software fault removal. The methodology proposed is based on the combination of Software FMEA and FTA with Fault-injection techniques. The case study herein described is implemented with support from two tools: The SoftCare tool for the SFMEA and SFTA

  13. The impact and applicability of critical experiment evaluations

    International Nuclear Information System (INIS)

    Brewer, R.

    1997-01-01

    This paper very briefly describes a project to evaluate previously performed critical experiments. The evaluation is intended for use by criticality safety engineers to verify calculations, and may also be used to identify data which need further investigation. The evaluation process is briefly outlined; the accepted benchmark critical experiments will be used as a standard for verification and validation. The end result of the project will be a comprehensive reference document

  14. Definition and Means of Maintaining the Criticality Prevention Design Features Portion of the PFP Safety Envelope

    International Nuclear Information System (INIS)

    RAMBLE, A.L.

    2000-01-01

    The purpose of this document is to record the technical evaluation of the Operational Safety Requirements described in the Plutonium Finishing Plant Final (PFP) Operational Safety Requirements, WHC-SD-CP-OSR-010. Rev. 0-N, Section 3.1.1, "Criticality Prevention System." This document, with its appendices, provides the following: (1) The results of a review of Criticality Safety Analysis Reports (CSAR), later called Criticality Safety Evaluation Reports (CSER), and Criticality Prevention Specifications (CPS) to determine which equipment or components analyzed in the CSER or CPS are considered as one of the two unlikely, independent, and concurrent changes before a criticality accident is possible. (2) Evaluations of equipment or components to determine the safety boundary for the system (Section 4). (3) A list of essential drawings that show the safety system or component (Appendix A). (4) A list of the safety envelope (SE) equipment (Appendix B). (5) Functional requirements for the individual safety envelope equipment (Sections 3 and 4). (6) A list of the operational and surveillance procedures necessary to maintain the system equipment within the safety envelope (Section 5)

  15. Analyzing Software Errors in Safety-Critical Embedded Systems

    Science.gov (United States)

    Lutz, Robyn R.

    1994-01-01

    This paper analyzes the root causes of safety-related software faults. Faults identified as potentially hazardous to the system are distributed somewhat differently over the set of possible error causes than non-safety-related software faults.

  16. RECENT ADDITIONS OF CRITICALITY SAFETY RELATED INTEGRAL BENCHMARK DATA TO THE ICSBEP AND IRPHEP HANDBOOKS

    Energy Technology Data Exchange (ETDEWEB)

    J. Blair Briggs; Lori Scott; Yolanda Rugama; Enrico Sartori

    2009-09-01

    High-quality integral benchmark experiments have always been a priority for criticality safety. However, interest in integral benchmark data is increasing as efforts to quantify and reduce calculational uncertainties accelerate to meet the demands of future criticality safety needs to support next generation reactor and advanced fuel cycle concepts. The importance of drawing upon existing benchmark data is becoming more apparent because of dwindling availability of critical facilities worldwide and the high cost of performing new experiments. Integral benchmark data from the International Handbook of Evaluated Criticality Safety Benchmark Experiments and the International Handbook of Reactor Physics Benchmark Experiments are widely used. Benchmark data have been added to these two handbooks since the last Nuclear Criticality Safety Division Topical Meeting in Knoxville, Tennessee (September 2005). This paper highlights these additions.

  17. Recent Additions of Criticality Safety Related Integral Benchmark Data to the ICSBEP and IRPHEP Handbooks

    International Nuclear Information System (INIS)

    Briggs, J. Blair; Scott, Lori; Rugama, Yolanda; Sartori, Enrico

    2009-01-01

    High-quality integral benchmark experiments have always been a priority for criticality safety. However, interest in integral benchmark data is increasing as efforts to quantify and reduce calculational uncertainties accelerate to meet the demands of future criticality safety needs to support next generation reactor and advanced fuel cycle concepts. The importance of drawing upon existing benchmark data is becoming more apparent because of dwindling availability of critical facilities worldwide and the high cost of performing new experiments. Integral benchmark data from the International Handbook of Evaluated Criticality Safety Benchmark Experiments and the International Handbook of Reactor Physics Benchmark Experiments are widely used. Benchmark data have been added to these two handbooks since the last Nuclear Criticality Safety Division Topical Meeting in Knoxville, Tennessee (September 2005). This paper highlights these additions.

  18. Generation of integral experiment covariance data and their impact on criticality safety validation

    Energy Technology Data Exchange (ETDEWEB)

    Stuke, Maik; Peters, Elisabeth; Sommer, Fabian

    2016-11-15

    The quantification of statistical dependencies in data of critical experiments and how to account for them properly in validation procedures has been discussed in the literature by various groups. However, these subjects are still an active topic in the Expert Group on Uncertainty Analysis for Criticality Safety Assessment (UACSA) of the OECD/NEA Nuclear Science Committee. The latter compiles and publishes the freely available experimental data collection, the International Handbook of Evaluated Criticality Safety Benchmark Experiments, ICSBEP. Most of the experiments were performed as series and share parts of experimental setups, consequently leading to correlation effects in the results. The correct consideration of correlated data seems to be inevitable if the experimental data in a validation procedure is limited or one cannot rely on a sufficient number of uncorrelated data sets, e.g. from different laboratories using different setups. The general determination of correlations and the underlying covariance data as well as the consideration of them in a validation procedure is the focus of the following work. We discuss and demonstrate possible effects on calculated $k_{eff}$'s, their uncertainties, and the corresponding covariance matrices due to interpretation of evaluated experimental data and its translation into calculation models. The work shows effects of various modeling approaches, varying distribution functions of parameters and compares and discusses results from the applied Monte-Carlo sampling method with available data on correlations. Our findings indicate that for the reliable determination of integral experimental covariance matrices or the correlation coefficients a detailed study of the underlying experimental data, the modeling approach and assumptions made, and the resulting sensitivity analysis seems to be inevitable. Further, a Bayesian method is discussed to include integral experimental covariance data when estimating an

  19. Generation of integral experiment covariance data and their impact on criticality safety validation

    International Nuclear Information System (INIS)

    Stuke, Maik; Peters, Elisabeth; Sommer, Fabian

    2016-11-01

    The quantification of statistical dependencies in data of critical experiments and how to account for them properly in validation procedures has been discussed in the literature by various groups. However, these subjects are still an active topic in the Expert Group on Uncertainty Analysis for Criticality Safety Assessment (UACSA) of the OECD/NEA Nuclear Science Committee. The latter compiles and publishes the freely available experimental data collection, the International Handbook of Evaluated Criticality Safety Benchmark Experiments, ICSBEP. Most of the experiments were performed as series and share parts of experimental setups, consequently leading to correlation effects in the results. The correct consideration of correlated data seems to be inevitable if the experimental data in a validation procedure is limited or one cannot rely on a sufficient number of uncorrelated data sets, e.g. from different laboratories using different setups. The general determination of correlations and the underlying covariance data as well as the consideration of them in a validation procedure is the focus of the following work. We discuss and demonstrate possible effects on calculated $k_{eff}$'s, their uncertainties, and the corresponding covariance matrices due to interpretation of evaluated experimental data and its translation into calculation models. The work shows effects of various modeling approaches, varying distribution functions of parameters and compares and discusses results from the applied Monte-Carlo sampling method with available data on correlations. Our findings indicate that for the reliable determination of integral experimental covariance matrices or the correlation coefficients a detailed study of the underlying experimental data, the modeling approach and assumptions made, and the resulting sensitivity analysis seems to be inevitable. Further, a Bayesian method is discussed to include integral experimental covariance data when estimating an application

  20. Overview of Risk Mitigation for Safety-Critical Computer-Based Systems

    Science.gov (United States)

    Torres-Pomales, Wilfredo

    2015-01-01

    This report presents a high-level overview of a general strategy to mitigate the risks from threats to safety-critical computer-based systems. In this context, a safety threat is a process or phenomenon that can cause operational safety hazards in the form of computational system failures. This report is intended to provide insight into the safety-risk mitigation problem and the characteristics of potential solutions. The limitations of the general risk mitigation strategy are discussed and some options to overcome these limitations are provided. This work is part of an ongoing effort to enable well-founded assurance of safety-related properties of complex safety-critical computer-based aircraft systems by developing an effective capability to model and reason about the safety implications of system requirements and design.

  1. American National Standards and the DOE - A cooperative effort to promote nuclear criticality safety

    International Nuclear Information System (INIS)

    Rothleder, B.M.

    1996-01-01

    The U.S. Department of Energy's (DOE's) new criticality safety order, DOE Order 420.1 ("Facility Safety," October 13, 1995), Sec. 4.3 ("Nuclear Criticality Safety"), invokes, as an integral part, 12 appropriate American National Standards Institute/American Nuclear Society (ANSI/ANS) Series-8 standards for nuclear criticality safety, but with modifications. (The order that 420.1/4.3 replaced also invoked some ANSI/ANS Series-8 standards.) These modifications include DOE operation-specific exceptions to the standards and elaborations on some of the wording in the standards

  2. Training and qualification program for nuclear criticality safety technical staff. Revision 1

    International Nuclear Information System (INIS)

    Taylor, R.G.; Worley, C.A.

    1997-01-01

    A training and qualification program for nuclear criticality safety technical staff personnel has been developed and implemented. All personnel who are to perform nuclear criticality safety technical work are required to participate in the program. The program includes both general nuclear criticality safety and plant specific knowledge components. Advantage can be taken of previous experience for that knowledge which is portable such as performance of computer calculations. Candidates step through a structured process which exposes them to basic background information, general plant information, and plant specific information which they need to safely and competently perform their jobs. Extensive documentation is generated to demonstrate that candidates have met the standards established for qualification

  3. I. Reactor safety (including comments on criticisms of WASH-1400)

    International Nuclear Information System (INIS)

    1976-01-01

    A major concern in any nuclear power programme is a reactor accident resulting in a large release of radioactivity to the environment. Serious reactor accidents are possible and the risk of such accidents cannot be reduced to zero i.e. absolute safety cannot be assured. All that can be expected is that the measures used to ensure safety in the design and operation of a reactor are such that the risk of accident is reduced to acceptably low levels. No member of the general public is known to have died or been injured as a result of an accident in over 1000 commercial nuclear power reactor-years. Some accidents in power reactors in operation today have come close enough to an environmental release of radioactivity to cause serious public concern about future safety. Apparent inadequacies in safety practices disclosed by former members of the nuclear power industry have added to this concern. To obtain an objective appraisal of the reactor safety issue this report examines the measures taken in the design and operation of nuclear reactors to reduce the probability of accident to acceptably low levels

  4. Possibilities and Limitations of Applying Software Reliability Growth Models to Safety-Critical Software

    International Nuclear Information System (INIS)

    Kim, Man Cheol; Jang, Seung Cheol; Ha, Jae Joo

    2006-01-01

    As digital systems are gradually introduced to nuclear power plants (NPPs), the need for quantitatively analyzing the reliability of the digital systems is also increasing. Kang and Sung identified (1) software reliability, (2) common-cause failures (CCFs), and (3) fault coverage as the three most critical factors in the reliability analysis of digital systems. For the estimation of the safety-critical software (the software that is used in safety-critical digital systems), Bayesian Belief Networks (BBNs) seem to be most widely used. The use of BBNs in reliability estimation of safety-critical software is basically a process of indirectly assigning a reliability based on various observed information and experts' opinions. When software testing results or software failure histories are available, we can use a process of directly estimating the reliability of the software using various software reliability growth models such as the Jelinski-Moranda model and Goel-Okumoto's nonhomogeneous Poisson process (NHPP) model. Even though it is generally known that software reliability growth models cannot be applied to safety-critical software due to the small number of expected failure data from the testing of safety-critical software, we try to find possibilities and corresponding limitations of applying software reliability growth models to safety-critical software

  5. Criticality studies: One of the two pillars of criticality safety at the Belgonucleaire MOX plant

    International Nuclear Information System (INIS)

    Lance, B.; Maldague, T.; Evrard, G.; Renard, A.; Kockerols, P.

    2001-01-01

    The present paper focuses on the criticality studies performed by the Engineering Division of Belgonucleaire. These are one of the two pillars of the criticality prevention implemented for the Belgonucleaire MOX producing plant. (author)

  6. Criticality safety analysis of Hanford Waste Tank 241-101-SY

    International Nuclear Information System (INIS)

    Perry, R.T.; Sapir, J.L.; Krohn, B.J.

    1993-01-01

    As part of a safety assessment for proposed pump mixing operations to mitigate episodic gas releases in Tank 241-101-SY at the Hanford Site, Richland, Washington, a criticality safety analysis was made using the Sn transport code ONEDANT. The tank contains approximately one million gallons of waste and an estimated 910 G of plutonium. The criticality analysis considers reconfiguration and underestimation of plutonium content. The results indicate that Tank SY-101 does not present a criticality hazard. These methods are also used in criticality analyses of other Hanford tanks

  7. Applications of autonomous robots in safety and security

    CSIR Research Space (South Africa)

    Sabatta, D

    2012-10-01

    In his talk, the author discusses the use of autonomous robots in safety and security-related applications, including safety inspections; search and rescue; soldier support; and surveillance....

  8. The Qualification Experiences for Safety-critical Software of POSAFE-Q

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Jang Yeol; Son, Kwang Seop; Cheon, Se Woo; Lee, Jang Soo; Kwon, Kee Choon [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

    2009-05-15

    Programmable Logic Controllers (PLC) have been applied to the Reactor Protection System (RPS) and the Engineered Safety Feature (ESF)-Component Control System (CCS) as the major safety system components of nuclear power plants. This paper describes experiences on the qualification of the safety-critical software including the pCOS kernel and system tasks related to a safety-grade PLC, i.e. the works done for the Software Verification and Validation, Software Safety Analysis, Software Quality Assurance, and Software Configuration Management etc.

  9. A Practical Risk Assessment Methodology for Safety-Critical Train Control Systems

    Science.gov (United States)

    2009-07-01

    This project proposes a Practical Risk Assessment Methodology (PRAM) for analyzing railroad accident data and assessing the risk and benefit of safety-critical train control systems. This report documents in simple steps the algorithms and data input...

  10. Seafood safety: economics of hazard analysis and Critical Control Point (HACCP) programmes

    National Research Council Canada - National Science Library

    Cato, James C

    1998-01-01

    .... This document on economic issues associated with seafood safety was prepared to complement the work of the Service in seafood technology, plant sanitation and Hazard Analysis Critical Control Point (HACCP) implementation...

  11. Is Model-Based Development a Favorable Approach for Complex and Safety-Critical Computer Systems on Commercial Aircraft?

    Science.gov (United States)

    Torres-Pomales, Wilfredo

    2014-01-01

    A system is safety-critical if its failure can endanger human life or cause significant damage to property or the environment. State-of-the-art computer systems on commercial aircraft are highly complex, software-intensive, functionally integrated, and network-centric systems of systems. Ensuring that such systems are safe and comply with existing safety regulations is costly and time-consuming as the level of rigor in the development process, especially the validation and verification activities, is determined by considerations of system complexity and safety criticality. A significant degree of care and deep insight into the operational principles of these systems is required to ensure adequate coverage of all design implications relevant to system safety. Model-based development methodologies, methods, tools, and techniques facilitate collaboration and enable the use of common design artifacts among groups dealing with different aspects of the development of a system. This paper examines the application of model-based development to complex and safety-critical aircraft computer systems. Benefits and detriments are identified and an overall assessment of the approach is given.

  12. Evaluation of Model Driven Development of Safety Critical Software in the Nuclear Power Plant I and C system

    International Nuclear Information System (INIS)

    Jung, Jae Cheon; Chang, Hoon Seon; Chang, Young Woo; Kim, Jae Hack; Sohn, Se Do

    2005-01-01

    The major issues of the safety critical software are formalism and V and V. Implementing these two characteristics in the safety critical software will greatly enhance the quality of software product. The structure based development requires lots of output documents from the requirements phase to the testing phase. The requirements analysis phase is often omitted. According to the Standish group report in 2001, 49% of software project is cancelled before completion or never implemented. In addition, 23% is completed and become operational, but over-budget, over the time estimation, and with fewer features and functions than initially specified. They identified ten success factors. Among them, firm basic requirements and formal methods are technically achievable factors while the remaining eight are management related. Misunderstanding of requirements due to lack of communication between the design engineer and verification engineer causes unexpected result such as functionality error of system. Safety critical software shall comply with such characteristics as; modularity, simplicity, minimizing the sub-routine, and excluding the interrupt routine. In addition, the crosslink fault and erroneous function shall be eliminated. The easiness of repairing work after the installation shall be achieved as well. In consideration of the above issues, we evaluate the model driven development (MDD) methods for nuclear I and C systems software. For qualitative analysis, the unified modeling language (UML), functional block language (FBL) and the safety critical application environment (SCADE) are tested for the above characteristics

  13. Review of WHC criticality safety audit findings for 1970-1981

    International Nuclear Information System (INIS)

    Rogers, C.A.; Paglieri, J.N.

    1984-01-01

    At Westinghouse Hanford Company (WHC) all fissionable material handling must meet DOE requirements for safety. This necessitates a program of regular audits by the Safety group to verify compliance with criticality safety limits and controls and to alert facility management to observed discrepancies and potential problems. Audits of fissionable material facilities by Safety are required at least once every 6 months, but in practice are conducted more frequently. This paper summarizes findings from over 400 criticality safety audits conducted by Safety between July 1970 and July 1981 in seven fissionable material facilities to show their types and frequencies of occurrence. All limit violations occurring during this period are summarized, including those found by the operating group. 1 ref., 1 tab

  14. A Comparison of Bus Architectures for Safety-Critical Embedded Systems

    Science.gov (United States)

    Rushby, John; Miner, Paul S. (Technical Monitor)

    2003-01-01

    We describe and compare the architectures of four fault-tolerant, safety-critical buses with a view to deducing principles common to all of them, the main differences in their design choices, and the tradeoffs made. Two of the buses come from an avionics heritage, and two from automobiles, though all four strive for similar levels of reliability and assurance. The avionics buses considered are the Honeywell SAFEbus (the backplane data bus used in the Boeing 777 Airplane Information Management System) and the NASA SPIDER (an architecture being developed as a demonstrator for certification under the new DO-254 guidelines); the automobile buses considered are the TTTech Time-Triggered Architecture (TTA), recently adopted by Audi for automobile applications, and by Honeywell for avionics and aircraft control functions, and FlexRay, which is being developed by a consortium of BMW, DaimlerChrysler, Motorola, and Philips.

  15. An assessment of criticality safety at the Department of Energy Rocky Flats Plant, Golden, Colorado, July--September 1989

    Energy Technology Data Exchange (ETDEWEB)

    Mattson, Roger J.

    1989-09-01

    This is a report on the 1989 independent Criticality Safety Assessment of the Rocky Flats Plant, primarily in response to public concerns that nuclear criticality accidents involving plutonium may have occurred at this nuclear weapon component fabrication and processing plant. The report evaluates environmental issues, fissile material storage practices, ventilation system problem areas, and criticality safety practices. While no evidence of a criticality accident was found, several recommendations are made for criticality safety improvements. 9 tabs.

  16. Estimating Impact and Frequency of Risks to Safety and Mission Critical Systems Using CVSS

    NARCIS (Netherlands)

    Houmb, S.H.; Nunes Leal Franqueira, V.; Engum, E.A.

    2008-01-01

    Many safety and mission critical systems depend on the correct and secure operation of both supportive and core software systems. E.g., both the safety of personnel and the effective execution of core missions on an oil platform depend on the correct recording storing, transfer and interpretation of

  17. Classification for Safety-Critical Car-Cyclist Scenarios Using Machine Learning

    NARCIS (Netherlands)

    Cara, I.; Gelder, E.D.

    2015-01-01

    The number of fatal car-cyclist accidents is increasing. Advanced Driver Assistance Systems (ADAS) can improve the safety of cyclists, but they need to be tested with realistic safety-critical car-cyclist scenarios. In order to store only relevant scenarios, an online classification algorithm is

  18. Method of V&V for safety-critical software in NPPs

    International Nuclear Information System (INIS)

    Kim, Jang-Yeol; Lee, Jang-Soo; Kwon, Kee-Choon

    1997-01-01

    Safety-critical software is software used in systems in which a failure could affect personal or equipment safety or result in large financial or social loss. Examples of systems using safety-critical software are systems such as plant protection systems in nuclear power plants (NPPs), process control systems in chemical plants, and medical instruments such as the Therac-25 medical accelerator. This paper presents verification and validation (V&V) methodology for safety-critical software in NPP safety systems. In addition, it addresses issues related to NPP safety systems, such as independence parameters, software safety analysis (SSA) concepts, commercial off-the-shelf (COTS) software evaluation criteria, and interrelationships among software and system assurance organizations. It includes the concepts of existing industrial standards on software V&V, Institute of Electrical and Electronics Engineers (IEEE) Standards 1012 and 1059. This safety-critical software V&V methodology covers V&V scope, a regulatory framework as part of its acceptance criteria, V&V activities and task entrance and exit criteria, reviews and audits, testing and quality assurance records of V&V material, configuration management activities related to V&V, and software V&V (SVV) plan (SVVP) production

  19. Decomobil, Deliverable 3.6, Human Centred Design for Safety Critical Transport Systems

    OpenAIRE

    PAUZIE, Annie; MENDOZA, Lucile; SIMOES, Anabela; BELLET, Thierry; MOREAU, Fabien

    2014-01-01

    The scientific seminar on 'Human Centred Design for Safety Critical Transport Systems' organized in the framework of DECOMOBIL has been held the 8th of September 2014 in Lisbon, Portugal, hosted by ADI/ISG. The aims of the event were to present the scientific problematic related to the safety of the complex transport systems and the increasing importance of human-centred design, with a specific focus on Resilience Engineering concept, a new approach to safety management in highly complex sys...

  20. Active gated imaging for automotive safety applications

    Science.gov (United States)

    Grauer, Yoav; Sonn, Ezri

    2015-03-01

    The paper presents the Active Gated Imaging System (AGIS), in relation to the automotive field. AGIS is based on a fast gated-camera equipped with a unique Gated-CMOS sensor, and a pulsed Illuminator, synchronized in the time domain to record images of a certain range of interest which are then processed by computer vision real-time algorithms. In recent years we have learned the system parameters which are most beneficial to night-time driving in terms of; field of view, illumination profile, resolution and processing power. AGIS provides also day-time imaging with additional capabilities, which enhances computer vision safety applications. AGIS provides an excellent candidate for camera-based Advanced Driver Assistance Systems (ADAS) and the path for autonomous driving, in the future, based on its outstanding low/high light-level, harsh weather conditions capabilities and 3D potential growth capabilities.

  1. KEOPS and other VENUS experiments dedicated to the criticality safety of a MOX fuel fabrication facility

    International Nuclear Information System (INIS)

    Lance, Benoit; Van Den Hende, Paul; Marloye, Daniel; Basselier, Jacques; Libon, Henri; De Vleeschhauwer, Marc; Moerenhout, Jeremie; Baeten, Peter

    2005-01-01

    The qualification scheme of criticality computer codes for Pu bearing powders lies upon databases which suffer from a lack of recent experimental results. As a MOX manufacturer, BELGONUCLEAIRE is especially concerned by criticality safety and would like to address such an issue by launching with SCK-CEN an International Programme called KEOPS. (author)

  2. Student research in criticality safety at the University of Arizona

    International Nuclear Information System (INIS)

    Hetrick, D.L.

    1997-01-01

    A very brief progress report on four University of Arizona student projects is given. Improvements were made in simulations of power pulses in aqueous solutions, including the TWODANT model. TWODANT calculations were performed to investigate the effect of assembly shape on the expansion coefficient of reactivity for solutions. Preliminary calculations were made of critical heights for the Los Alamos SHEBA assembly. Calculations to support French experiments to measure temperature coefficients of dilute plutonium solutions confirmed feasibility

  3. Review of patient safety incidents submitted from Critical Care Units in England & Wales to the UK National Patient Safety Agency.

    Science.gov (United States)

    Thomas, A N; Panchagnula, U; Taylor, R J

    2009-11-01

    We reviewed and classified all patient safety incidents submitted from critical care units in England and Wales to the National Patient Safety Agency for the first quarter of 2008. A total of 6649 incidents were submitted from 141 organisations (median (range) 23 (1-268 incidents)); 786 were unrelated to the critical care episode and 248 were repeat entries. Of the remaining 5615 incidents, 1726 occurred in neonates or babies, 1298 were associated with temporary harm, 15 with permanent harm and 59 required interventions to maintain life or may have contributed to the patient's death. The most common main incident groups were medication (1450 incidents), infrastructure and staffing (1289 incidents) and implementation of care (1047 incidents). There were 2789 incidents classified to more than one main group. The incident analysis highlights ways to improve patient safety and to improve the classification of incidents.

  4. Safety management: a few techniques and their application

    International Nuclear Information System (INIS)

    Soundararajan, S.

    2016-01-01

    Industrial safety practice has grown in its stature tremendously since the age of industrial revolution. A number of modern techniques are available to strengthen design safety features, to review operational safety, and to critically appraise and upgrade practices of occupational safety and health management. This talk focuses on three prominent yet simple techniques and their usefulness in the overall safety management of a workplace. Any industrial set-up undergoes different stages in its life cycle-conceptual design, actual design, construction, fabrication and installation, commissioning, operation, shutdown/re-start up and decommissioning. Checklist procedure is a safety tool that can be applied at any of these stages. Thus it is a quite useful technique in safety management and accident prevention. It can serve as a form of approval from one step to another in the course of any routine or specific task. Safety Audit or Safety Review is a critical safety management appraisal tool. It gives a reasonable indication of how well a company's safety programme works, how hazards are recognised, how well employees are motivated and so on. It gives a clear picture about where a company stands as far as framing and implementation of its SHE policy is concerned. Each of the above tools is complementing each other and required to be applied at appropriate juncture in sustaining good safety management system at the workplace

  5. KAERI software safety guideline for developing safety-critical software in digital instrumentation and control system of nuclear power plant

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jang Soo; Kim, Jang Yeol; Eum, Heung Seop

    1997-07-01

    Recently, the safety planning for safety-critical software systems is being recognized as the most important phase in the software life cycle, and being developed new regulatory positions and standards by the regulatory and the standardization organization. The requirements for software important to safety of nuclear reactor are described in such positions and standards. Most of them are describing mandatory requirements, what shall be done, for the safety-critical software. The developers of such a software. However, there have been a lot of controversial factors on whether the work practices satisfy the regulatory requirements, and to justify the safety of such a system developed by the work practices, between the licenser and the licensee. We believe it is caused by the reason that there is a gap between the mandatory requirements (What) and the work practices (How). We have developed a guidance to fill such gap, which can be useful for both licenser and licensee to conduct a justification of the safety in the planning phase of developing the software for nuclear reactor protection systems. (author). 67 refs., 13 tabs., 2 figs.

  6. KAERI software safety guideline for developing safety-critical software in digital instrumentation and control system of nuclear power plant

    International Nuclear Information System (INIS)

    Lee, Jang Soo; Kim, Jang Yeol; Eum, Heung Seop.

    1997-07-01

    Recently, the safety planning for safety-critical software systems is being recognized as the most important phase in the software life cycle, and being developed new regulatory positions and standards by the regulatory and the standardization organization. The requirements for software important to safety of nuclear reactor are described in such positions and standards. Most of them are describing mandatory requirements, what shall be done, for the safety-critical software. The developers of such a software. However, there have been a lot of controversial factors on whether the work practices satisfy the regulatory requirements, and to justify the safety of such a system developed by the work practices, between the licenser and the licensee. We believe it is caused by the reason that there is a gap between the mandatory requirements (What) and the work practices (How). We have developed a guidance to fill such gap, which can be useful for both licenser and licensee to conduct a justification of the safety in the planning phase of developing the software for nuclear reactor protection systems. (author). 67 refs., 13 tabs., 2 figs

  7. Design Optimization of Mixed-Criticality Real-Time Applications on Cost-Constrained Partitioned Architectures

    DEFF Research Database (Denmark)

    Tamas-Selicean, Domitian; Pop, Paul

    2011-01-01

    In this paper we are interested to implement mixed-criticality hard real-time applications on a given heterogeneous distributed architecture. Applications have different criticality levels, captured by their Safety-Integrity Level (SIL), and are scheduled using static-cyclic scheduling. Mixed......-criticality tasks can be integrated onto the same architecture only if there is enough spatial and temporal separation among them. We consider that the separation is provided by partitioning, such that applications run in separate partitions, and each partition is allocated several time slots on a processor. Tasks...... slots on each processor and (iv) the schedule tables, such that all the applications are schedulable and the development costs are minimized. We have proposed a Tabu Search-based approach to solve this optimization problem. The proposed algorithm has been evaluated using several synthetic and real...

  8. Criticality Safety Problems Related to Storage of Highly Active Liquid Waste

    International Nuclear Information System (INIS)

    Amin, E.

    1999-01-01

    The geometries of liquid waste storage tanks are not generally safe against criticality. Normally, this does not cause problems as fissile materials exist in nitric acid solution only as depleted uranium or in insignificant concentration of the originally reprocessed inventory of plutonium. However, if sedimentation of solid particles would occur, the deposited material would cause criticality safety problems. Particularly, non-horizontal installation of the storage tanks would increase the eigenvalue. The effect of the storage tank inclination and the presence of transplutonium elements on the criticality safety are investigated using the NCNSRC code packages. The results compare well with similar published German results

  9. Critical thinking in clinical nurse education: application of Paul's model of critical thinking.

    Science.gov (United States)

    Andrea Sullivan, E

    2012-11-01

    Nurse educators recognize that many nursing students have difficulty in making decisions in clinical practice. The ability to make effective, informed decisions in clinical practice requires that nursing students know and apply the processes of critical thinking. Critical thinking is a skill that develops over time and requires the conscious application of this process. There are a number of models in the nursing literature to assist students in the critical thinking process; however, these models tend to focus solely on decision making in hospital settings and are often complex to actualize. In this paper, Paul's Model of Critical Thinking is examined for its application to nursing education. I will demonstrate how the model can be used by clinical nurse educators to assist students to develop critical thinking skills in all health care settings in a way that makes critical thinking skills accessible to students. Copyright © 2012 Elsevier Ltd. All rights reserved.

  10. Assessment of basic data for criticality safety and shielding design of Tokai Reprocessing Plant

    International Nuclear Information System (INIS)

    Suto, Toshiyuki; Shimizu, Yoshio; Nakamura, Hirohumi; Nojiri, Ichiro; Maki, Akira; Yamanouchi, Takamichi

    1999-02-01

    As a part of the safety confirmation work of Tokai Reprocessing Plant, the appropriateness was checked on the basic data used in criticality safety and shielding design of early-designed facilities in the plant on the basis of recent knowledge and safety evaluation methods. In the criticality safety design, it was confirmed that critical and subcritical values concerning mass and concentration of U and Pu and equipment dimension were appropriate. In the shielding design, it was found that the relation between shielding thickness and permissible radioactivity might give underestimated results of shielding thickness necessary to limit dose rate to the designated one on some condition. In these cases, however, it was confirmed that necessary shielding thickness has been secured because of the conservative calculation conditions for the real conditions except the operation test laboratory (OTL). However, the amount of radioactivity handled at OTL needs to be limited. From a viewpoint of criticality safety, operational control for U and Pu transfer was also investigated. As a result of it, at the transfer route where erroneous batch-wise transfer of process solution might lead to a criticality accident, the reliability of U and Pu concentration measurement needs to be improved by multiple measurements. At other transfer routes, it was confirmed that single failure of equipment or operation error would not lead to a criticality problem. (author)

  11. Safety physics inter-comparison of advanced concepts of critical reactors and ADS

    International Nuclear Information System (INIS)

    Slessarev, I.

    2001-01-01

    Enhanced safety based on the principle of the natural ''self-defence'' is one of the most desirable features of innovative nuclear systems (critical or sub-critical) regarding both TRU transmutation and ''clean'' energy producer concepts. For the evaluation of the ''self-defence'' domain, the method of the asymptotic reactivity balance has been generalised. The promising option of Hybrids systems (that use a symbiosis of fission and spallation in sub-critical cores) which could benefit the advantages of both Accelerated Driven Systems of the traditional type and regular critical systems, has been advocated. General features of Hybrid dynamics have been presented and analysed. It was demonstrated that an external neutron source of Hybrids can expand the inherent safety potential significantly. This analysis has been applied to assess the safety physics potential of innovative concepts for prospective nuclear power both for energy producers and for transmutation. It has been found, that safety enhancement goal defines a choice of sub-criticality of Hybrids. As for energy producers with Th-fuel cycle, a significant sub-criticality level is required due to a necessity of an improvement of neutronics together with safety enhancement task. (author)

  12. Nuclear criticality safety aspects of gaseous uranium hexafluoride (UF6) in the diffusion cascade

    Energy Technology Data Exchange (ETDEWEB)

    Huffer, J.E. [Parallax, Inc., Atlanta, GA (United States)

    1997-04-01

    This paper determines the nuclear safety of gaseous UF6 in the current Gaseous Diffusion Cascade and auxiliary systems. The actual plant safety system settings for pressure trip points are used to determine the maximum amount of HF moderation in the process gas, as well as the corresponding atomic number densities. These inputs are used in KENO V.a criticality safety models which are sized to the actual plant equipment. The KENO V.a calculation results confirm nuclear safety of gaseous UF6 in plant operations.

  13. Nuclear criticality safety aspects of gaseous uranium hexafluoride (UF6) in the diffusion cascade

    International Nuclear Information System (INIS)

    Huffer, J.E.

    1997-04-01

    This paper determines the nuclear safety of gaseous UF6 in the current Gaseous Diffusion Cascade and auxiliary systems. The actual plant safety system settings for pressure trip points are used to determine the maximum amount of HF moderation in the process gas, as well as the corresponding atomic number densities. These inputs are used in KENO V.a criticality safety models which are sized to the actual plant equipment. The KENO V.a calculation results confirm nuclear safety of gaseous UF6 in plant operations

  14. Predicting fatigue and psychophysiological test performance from speech for safety critical environments

    Directory of Open Access Journals (Sweden)

    Khan Richard Baykaner

    2015-08-01

    Automatic systems for estimating operator fatigue have application in safety-critical environments. A system which could estimate level of fatigue from speech would have application in domains where operators engage in regular verbal communication as part of their duties. Previous studies on the prediction of fatigue from speech have been limited because of their reliance on subjective ratings and because they lack comparison to other methods for assessing fatigue. In this paper we present an analysis of voice recordings and psychophysiological test scores collected from seven aerospace personnel during a training task in which they remained awake for 60 hours. We show that voice features and test scores are affected by both the total time spent awake and the time position within each subject’s circadian cycle. However, we show that time spent awake and time of day information are poor predictors of the test results; while voice features can give good predictions of the psychophysiological test scores and sleep latency. Mean absolute errors of prediction are possible within about 17.5% for sleep latency and 5-12% for test scores. We discuss the implications for the use of voice as a means to monitor the effects of fatigue on cognitive performance in practical applications.

  15. Safety-critical Java for low-end embedded platforms

    DEFF Research Database (Denmark)

    Søndergaard, Hans; Korsholm, Stephan E.; Ravn, Anders Peter

    2012-01-01

    hardware objects, first level interrupt handlers, and native variables, and an infrastructure written in Java which is minimized through program specialization. The HVM allows the implementation to be easily ported to embedded platforms which have a C compiler as part of the development environment......; the bare metal approach eliminates the need for a resource consuming operating system or C-library; the program specialization means that the infrastructure for the SCJ profile is optimized for a particular application keeping only the code and data the application needs. The SCJ implementation...

  16. Energy Neutral Wireless Bolt for Safety Critical Fastening

    Directory of Open Access Journals (Sweden)

    Biruk B. Seyoum

    2017-09-01

    Thermoelectric generators (TEGs) are now capable of powering the abundant low power electronics from very small (just a few degrees Celsius) temperature gradients. This factor along with the continuously lowering cost and size of TEGs, has contributed to the growing number of miniaturized battery-free sensor modules powered by TEGs. In this article, we present the design of an ambient-powered wireless bolt for high-end electro-mechanical systems. The bolt is equipped with a temperature sensor and a low power RF chip powered from a TEG. A DC-DC converter interfacing the TEG with the RF chip is used to step-up the low TEG voltage. The work includes the characterizations of different TEGs and DC-DC converters to determine the optimal design based on the amount of power that can be generated from a TEG under different loads and at temperature gradients typical of industrial environments. A prototype system was implemented and the power consumption of this system under different conditions was also measured. Results demonstrate that the power generated by the TEG at very low temperature gradients is sufficient to guarantee continuous wireless monitoring of the critical fasteners in critical systems such as avionics, motorsport and aerospace.

  17. Energy Neutral Wireless Bolt for Safety Critical Fastening.

    Science.gov (United States)

    Seyoum, Biruk B; Rossi, Maurizio; Brunelli, Davide

    2017-09-26

    Thermoelectric generators (TEGs) are now capable of powering the abundant low power electronics from very small (just a few degrees Celsius) temperature gradients. This factor along with the continuously lowering cost and size of TEGs, has contributed to the growing number of miniaturized battery-free sensor modules powered by TEGs. In this article, we present the design of an ambient-powered wireless bolt for high-end electro-mechanical systems. The bolt is equipped with a temperature sensor and a low power RF chip powered from a TEG. A DC-DC converter interfacing the TEG with the RF chip is used to step-up the low TEG voltage. The work includes the characterizations of different TEGs and DC-DC converters to determine the optimal design based on the amount of power that can be generated from a TEG under different loads and at temperature gradients typical of industrial environments. A prototype system was implemented and the power consumption of this system under different conditions was also measured. Results demonstrate that the power generated by the TEG at very low temperature gradients is sufficient to guarantee continuous wireless monitoring of the critical fasteners in critical systems such as avionics, motorsport and aerospace.

  18. Commercial grade item (CGI) dedication of generators for nuclear safety related applications

    International Nuclear Information System (INIS)

    Das, R.K.; Hajos, L.G.

    1993-01-01

    The number of nuclear safety related equipment suppliers and the availability of spare and replacement parts designed specifically for nuclear safety related application are shrinking rapidly. These have made it necessary for utilities to apply commercial grade spare and replacement parts in nuclear safety related applications after implementing a proper acceptance and dedication process to verify that such items conform with the requirements of their use in nuclear safety related application. The general guidelines for the commercial grade item (CGI) acceptance and dedication are provided in US Nuclear Regulatory Commission (NRC) Generic Letters and Electric Power Research Institute (EPRI) Report NP-5652, Guideline for the Utilization of Commercial Grade Items in Nuclear Safety Related Applications. This paper presents an application of these generic guidelines for procurement, acceptance, and dedication of a commercial grade generator for use as a standby generator at Salem Generating Station Units 1 and 2. The paper identifies the critical characteristics of the generator which, once verified, will provide reasonable assurance that the generator will perform its intended safety function. The paper also delineates the method of verification of the critical characteristics through tests and provides acceptance criteria for the test results. The methodology presented in this paper may be used as specific guidelines for reliable and cost effective procurement and dedication of commercial grade generators for use as standby generators at nuclear power plants.

  19. Software safety analysis techniques for developing safety critical software in the digital protection system of the LMR

    Energy Technology Data Exchange (ETDEWEB)

    Lee, Jang Soo; Cheon, Se Woo; Kim, Chang Hoi; Sim, Yun Sub

    2001-02-01

    This report has described the software safety analysis techniques and the engineering guidelines for developing safety critical software to identify the state of the art in this field and to give the software safety engineer a trail map between the code and standards layer and the design methodology and documents layer. We have surveyed the management aspects of software safety activities during the software lifecycle in order to improve the safety. After identifying the conventional safety analysis techniques for systems, we have surveyed in detail the software safety analysis techniques, software FMEA (Failure Mode and Effects Analysis), software HAZOP (Hazard and Operability Analysis), and software FTA (Fault Tree Analysis). We have also surveyed the state of the art in the software reliability assessment techniques. The most important results from the reliability techniques are not the specific probability numbers generated, but the insights into the risk importance of software features. To defend against potential common-mode failures, high quality, defense-in-depth, and diversity are considered to be key elements in digital I&C system design. To minimize the possibility of CMFs and thus increase the plant reliability, we have provided D-in-D&D analysis guidelines.

  20. Software safety analysis techniques for developing safety critical software in the digital protection system of the LMR

    International Nuclear Information System (INIS)

    Lee, Jang Soo; Cheon, Se Woo; Kim, Chang Hoi; Sim, Yun Sub

    2001-02-01

    This report has described the software safety analysis techniques and the engineering guidelines for developing safety critical software to identify the state of the art in this field and to give the software safety engineer a trail map between the code and standards layer and the design methodology and documents layer. We have surveyed the management aspects of software safety activities during the software lifecycle in order to improve the safety. After identifying the conventional safety analysis techniques for systems, we have surveyed in detail the software safety analysis techniques, software FMEA (Failure Mode and Effects Analysis), software HAZOP (Hazard and Operability Analysis), and software FTA (Fault Tree Analysis). We have also surveyed the state of the art in the software reliability assessment techniques. The most important results from the reliability techniques are not the specific probability numbers generated, but the insights into the risk importance of software features. To defend against potential common-mode failures, high quality, defense-in-depth, and diversity are considered to be key elements in digital I&C system design. To minimize the possibility of CMFs and thus increase the plant reliability, we have provided D-in-D&D analysis guidelines.

  1. Selecting an Architecture for a Safety-Critical Distributed Computer System with Power, Weight and Cost Considerations

    Science.gov (United States)

    Torres-Pomales, Wilfredo

    2014-01-01

    This report presents an example of the application of multi-criteria decision analysis to the selection of an architecture for a safety-critical distributed computer system. The design problem includes constraints on minimum system availability and integrity, and the decision is based on the optimal balance of power, weight and cost. The analysis process includes the generation of alternative architectures, evaluation of individual decision criteria, and the selection of an alternative based on overall value. In the example presented here, iterative application of the quantitative evaluation process made it possible to deliberately generate an alternative architecture that is superior to all others regardless of the relative importance of cost.

  2. Prediction of safety critical software operational reliability from test reliability using testing environment factors

    International Nuclear Information System (INIS)

    Jung, Hoan Sung; Seong, Poong Hyun

    1999-01-01

    It has been a critical issue to predict the safety critical software reliability in nuclear engineering area. For many years, many researches have focused on the quantification of software reliability and there have been many models developed to quantify software reliability. Most software reliability models estimate the reliability with the failure data collected during the test assuming that the test environments well represent the operation profile. User's interest is however on the operational reliability rather than on the test reliability. The experiences show that the operational reliability is higher than the test reliability. With the assumption that the difference in reliability results from the change of environment, from testing to operation, testing environment factors comprising the aging factor and the coverage factor are developed in this paper and used to predict the ultimate operational reliability with the failure data in testing phase. It is by incorporating test environments applied beyond the operational profile into testing environment factors. The application results show that the proposed method can estimate the operational reliability accurately. (Author). 14 refs., 1 tab., 1 fig

  3. Module Testing Techniques for Nuclear Safety Critical Software Using LDRA Testing Tool

    International Nuclear Information System (INIS)

    Moon, Kwon-Ki; Kim, Do-Yeon; Chang, Hoon-Seon; Chang, Young-Woo; Yun, Jae-Hee; Park, Jee-Duck; Kim, Jae-Hack

    2006-01-01

    The safety critical software in the I&C systems of nuclear power plants requires high functional integrity and reliability. To achieve those requirement goals, the safety critical software should be verified and tested according to related codes and standards through verification and validation (V&V) activities. The safety critical software testing is performed at various stages during the development of the software, and is generally classified as three major activities: module testing, system integration testing, and system validation testing. Module testing involves the evaluation of module level functions of hardware and software. System integration testing investigates the characteristics of a collection of modules and aims at establishing their correct interactions. System validation testing demonstrates that the complete system satisfies its functional requirements. In order to generate reliable software and reduce high maintenance cost, it is important that software testing is carried out at module level. Module testing for the nuclear safety critical software has rarely been performed by formal and proven testing tools because of its various constraints. LDRA testing tool is a widely used and proven tool set that provides powerful source code testing and analysis facilities for the V&V of general purpose software and safety critical software. Use of the tool set is indispensable where software is required to be reliable and as error-free as possible, and its use brings in substantial time and cost savings, and efficiency.

  4. Geophysics applications in critical zone science: emerging topics

    Science.gov (United States)

    Geophysical studies have resulted in remarkable advances in characterization of critical zone. The geophysics applications uncover the relationships between structure and function in subsurface as they seek to define subsurface structural units with individual properties of retention and trans...

  5. Natural safety indicators and their application to repository safety cases

    International Nuclear Information System (INIS)

    Miller, B.

    2002-01-01

    Radiological dose and risk are the standard end-points calculated in all performance assessments. Their calculation requires, however, assumptions to be made for future human behaviour. To complement dose and risk, other safety indicators have been suggested which do not require such assumptions to be made. One proposed set of safety indicators are the concentrations and fluxes of naturally-occurring chemical species in the environment which may be compared with the performance assessment predictions of repository releases. Such comparisons can be valid because both the natural and repository species would occur in the same system and their transport behaviour would be controlled by exactly the same processes at the same rates. Although simple in concept, there is currently no consensus on the most appropriate comparisons to make or on the interpretation of such comparisons. A number of national and international research projects are evaluating this proposed approach, including an IAEA Co-ordinated Research Programme. These projects suggest that the approach appears to be workable and that it may be a valuable component of a safety case, complementing the dose and risk presentations. Further work is, however, necessary to develop the approach to a level where it may be confidently applied in further performance assessments in a consistent and methodical manner. (author)

  6. Critical Geragogy and Foreign Language Learning: An Exploratory Application

    Science.gov (United States)

    Ramírez Gómez, Danya

    2016-01-01

    This article proposes an exploratory application of the principles of critical geragogy (Formosa, 2002, 2011, 2012) to foreign language (FL) education (i.e., L2 learning in the L1 community). Critical geragogy is an educational, practical framework intended to empower older adults and lead them to emancipate from age strictures (Glendenning &…

  7. Bayesian approach and application to operation safety

    International Nuclear Information System (INIS)

    Procaccia, H.; Suhner, M.Ch.

    2003-01-01

    The management of industrial risks requires the development of statistical and probabilistic analyses which use all the available convenient information in order to compensate for the insufficient experience feedback in a domain where accidents and incidents remain too scarce to perform a classical statistical frequency analysis. The Bayesian decision approach is well adapted to this problem because it integrates both the expertise and the experience feedback. The domain of knowledge is widened, the forecasting study becomes possible and the decisions and remedial actions are strengthened thanks to risk-cost-benefit optimization analyses. This book presents the bases of the Bayesian approach and its concrete applications in various industrial domains. After a mathematical presentation of the industrial operation safety concepts and of the Bayesian approach principles, this book treats some of the problems that can be solved thanks to this approach: software reliability, controls linked with the equipment warranty, dynamical updating of databases, expertise modeling and weighting, Bayesian optimization in the domains of maintenance, quality control, tests and design of new equipment. A synthesis of the mathematical formulae used in this approach is given in conclusion. (J.S.)

  8. A critical review on toxicological safety of 2-alkylcyclobutanones

    International Nuclear Information System (INIS)

    Song, Beom-Seok; Choi, Soo-Jeong; Jin, Young-Bae; Park, Jong-Heum; Kim, Jae-Kyung; Byun, Eui-Baek; Kim, Jae-Hun; Lee, Ju-Woon; Kim, Gang-Sung; Marchioni, Eric

    2014-01-01

    2-Alkylcyclobutanones (2-ACBs) are known as unique radiolytic products generated from the major fatty acids and triglycerides in food through only irradiation. Since 1990, studies on the toxicological safety of 2-ACBs have been conducted extensively with synthetic compounds. Mutagenicity tests of 2-ACBs on the microorganisms reviewed in this study clearly indicate that no evidence was observed, while several in vitro studies demonstrated the cytotoxicity of 2-ACBs through cell death. Moreover, the genotoxicity of 2-ACBs was suggested as DNA strand breaks were observed. However, these findings should be interpreted with caution because genotoxicity may result from cytotoxicity, which causes DNA damage or from cell membrane destruction and indirect oxidative DNA damage. Therefore, elucidation of the mechanism of genotoxic effects is needed. With regards to the suggestion of Raul et al. (2002) who showed the promoting effect of colon cancer by the administration of 2-ACBs, further studies are needed to correct some experimental design errors. Moreover, an in-vivo experiment that evaluated the metabolism of 2-ACBs has revealed that 2-dDCB was metabolized into cyclic alcohol and excreted through fecal discharge. In conclusion, it is considered that the ingestion of 2-ACBs through irradiated foods is unlikely to affect the human health. However, more specific studies are required to identify the fate of 2-ACBs in body and the LD50 values. The determination of chronic toxicity by long-term exposure to low concentrations of 2-ACBs has to be evaluated more clearly to determine if these compounds are safe to human. - Highlights: • Mutagenicity 2-ACBs on the microorganisms was not observed. • Several in vitro studies demonstrated the cytotoxicity of 2-ACBs. • Genotoxicity of 2-ACBs was suggested, but elucidation of the mechanism is needed. • 2-dDCB was metabolized into cyclic alcohol and excreted in feces. • Further studies for toxicity of 2-ACBs following

  9. Critical issues of alcohol safety in the region

    Directory of Open Access Journals (Sweden)

    Svetlana Vasil’evna Aksyutina

    2015-03-01

    The paper presents results of the research into the economic and socio-demographic indicators associated with the production and consumption of alcoholic beverages. It discloses the analysis of the alcoholic beverage market structure in the Vologda Oblast. The authors have identified the threshold of the safe alcohol production volume in the region taking into account the World Health Organization standards of alcohol consumption and the share of illegally produced goods. The article states that the increased alcohol production contributes to the rise in tax revenues, but the state fiscal policy to regulate the alcoholic beverage market leads to an increase in the share of shadow turnover. The authors have calculated the economic loss connected with the illegal production of alcoholic beverages in the Vologda Oblast. The alcohol consumption is a destructive socio-demographic process and one of the threats to the health of the nation. Excessive alcohol consumption leads to alcohol dependence, regression of the society and increases the threat to national and economic security. The study reveals a direct correlation between the consumption of alcoholic beverages per capita and mortality rates in men and women of working age from the causes related to the consumption of alcoholic beverages. The study of the international experience to regulate alcohol consumption has showed the need to tighten state control in the sphere of production and turnover of alcoholic products. The conduct of the unified state alcohol policy substantiates the selection of the alcohol industry in the all-Russian classifier of economic activity types. The authors have elaborated the concept and conditions of alcoholic security from the point of view of economic growth and social development. The article substantiates the necessity to monitor alcohol safety indicators when considering the regional development. It presents the complex system of socio-economic and demographic

  10. A critical review on toxicological safety of 2-alkylcyclobutanones

    Science.gov (United States)

    Song, Beom-Seok; Choi, Soo-Jeong; Jin, Young-Bae; Park, Jong-Heum; Kim, Jae-Kyung; Byun, Eui-Baek; Kim, Jae-Hun; Lee, Ju-Woon; Kim, Gang-Sung; Marchioni, Eric

    2014-10-01

    2-Alkylcyclobutanones (2-ACBs) are known as unique radiolytic products generated from the major fatty acids and triglycerides in food through only irradiation. Since 1990, studies on the toxicological safety of 2-ACBs have been conducted extensively with synthetic compounds. Mutagenicity tests of 2-ACBs on the microorganisms reviewed in this study clearly indicate that no evidence was observed, while several in vitro studies demonstrated the cytotoxicity of 2-ACBs through cell death. Moreover, the genotoxicity of 2-ACBs was suggested as DNA strand breaks were observed. However, these findings should be interpreted with caution because genotoxicity may result from cytotoxicity, which causes DNA damage or from cell membrane destruction and indirect oxidative DNA damage. Therefore, elucidation of the mechanism of genotoxic effects is needed. With regards to the suggestion of Raul et al. (2002) who showed the promoting effect of colon cancer by the administration of 2-ACBs, further studies are needed to correct some experimental design errors. Moreover, an in-vivo experiment that evaluated the metabolism of 2-ACBs has revealed that 2-dDCB was metabolized into cyclic alcohol and excreted through fecal discharge. In conclusion, it is considered that the ingestion of 2-ACBs through irradiated foods is unlikely to affect the human health. However, more specific studies are required to identify the fate of 2-ACBs in body and the LD50 values. The determination of chronic toxicity by long-term exposure to low concentrations of 2-ACBs has to be evaluated more clearly to determine if these compounds are safe to human.

  11. TRIGA® a widely used fuel - Assessments, validation and application of criticality standards

    International Nuclear Information System (INIS)

    Comte, N.; Thievenaz, B.; Doucet, M.; Torlini, E.; Pin, T.

    2009-01-01

    The TRIGA® (Training, Research, Isotope production, General Atomics) reactor is the most widely used non-power nuclear reactor in the world. Sixty-six TRIGA® reactors are running or under construction in 24 countries. These reactors are used in many diverse applications, including production of radioisotopes for medicine and industry, treatment of tumors, non destructive testing, basic research on the properties of matter, and for education and training. TRIGA® International, a joint venture company between General Atomics and CERCA, a wholly-owned subsidiary of AREVA NP, manufactures and sells TRIGA® fuel to research reactors. The CERCA Factory is currently the only Company in the world to manufacture this type of fuel. Criticality safety evaluations implement requirements to justify sufficient sub critical margins for fuel fabrication plants. Basic criticality data (i.e., criticality standards) are used to determine the sub critical margins for all processes involving enriched uranium. Safety analyses help to identify and update those standards to bound normal, abnormal and accidental conditions. The French criticality code package CRISTAL V1 was used to perform the calculations. After a brief description of the fuel design and the calculation scheme, this paper presents the results for the different types and media of TRIGA® fuel (powder, elements). Experimental benchmarks data were used for validation as well as comparative calculations with Monte-Carlo codes MORET 4 and MCNP. The criticality section of the safety analysis report supporting the actual TRIGA workshops was reviewed to ensure the update of the criticality standards does not harm the safety of the installations. (authors)

  12. Criticality safety analysis of accelerator transmutation waste system

    International Nuclear Information System (INIS)

    Landeyro, P.A.; Cepraga, D.G.; Orazi, A.

    1993-01-01

    The Accelerator Transmutation Waste system (ATW) is under development at the Los Alamos National Laboratory. It consists of a particle accelerator producing a proton beam having an energy of 1.5 GeV. These particles are introduced into the upper part of a molten Pb-Bi column and they produce, by a spallation reaction, a high strength neutron flux, 1.0x10^16 n/(square centimeters sec). The neutrons enter a heavy water blanket where actinides and long-lived fission products circulate in vertical tubes. The goal of this research effort is to perform an independent verification of the feasibility of actinide burning in the ATW system. The work is divided into four tasks: a) production of an actinide and long-lived fission product cross section library from JEF 2.2; b) simulation, using MCNP and KENO IV Monte Carlo codes, of the ATW configurations existing in literature; c) validation of the cross sections by comparison of Keff and reaction rate results, calculated with MCNP and KENO IV, with experimental benchmarks and intercomparison between calculations of a PWR unit cell and the computations carried out with various codes and cross section libraries (NEACRF criticality working group data); d) simulation of the ATW configuration. The two first tasks are almost complete with excellent agreement between this study's results and those of Los Alamos.

  13. 75 FR 8239 - School Food Safety Program Based on Hazard Analysis and Critical Control Point Principles (HACCP...

    Science.gov (United States)

    2010-02-24

    ... 0584-AD65 School Food Safety Program Based on Hazard Analysis and Critical Control Point Principles... Safety Program Based on Hazard Analysis and Critical Control Point Principles (HACCP) was published on... school food safety program for the preparation and service of school meals served to children. The Office...

  14. SRTC criticality technical review: Nuclear Criticality Safety Evaluation 93-18 Uranium Solidification Facility's Waste Handling Facility

    International Nuclear Information System (INIS)

    Rathbun, R.

    1993-01-01

    Separate review of NMP-NCS-930058, "Nuclear Criticality Safety Evaluation 93-18 Uranium Solidification Facility's Waste Handling Facility (U), August 17, 1993," was requested of SRTC Applied Physics Group. The NCSE is a criticality assessment to determine waste container uranium limits in the Uranium Solidification Facility's Waste Handling Facility. The NCSE under review concludes that the NDA room remains in a critically safe configuration for all normal and single credible abnormal conditions. The ability to make this conclusion is highly dependent on array limitation and inclusion of physical barriers between 2x2x1 arrays of boxes containing materials contaminated with uranium. After a thorough review of the NCSE and independent calculations, this reviewer agrees with that conclusion.

  15. Critical roles of orthopaedic surgeon leadership in healthcare systems to improve orthopaedic surgical patient safety.

    Science.gov (United States)

    Kuo, Calvin C; Robb, William J

    2013-06-01

    The prevention of medical and surgical harm remains an important public health problem despite increased awareness and implementation of safety programs. Successful introduction and maintenance of surgical safety programs require both surgeon leadership and collaborative surgeon-hospital alignment. Documentation of success of such surgical safety programs in orthopaedic practice is limited. We describe the scope of orthopaedic surgical patient safety issues, define critical elements of orthopaedic surgical safety, and outline leadership roles for orthopaedic surgeons needed to establish and sustain a culture of safety in contemporary healthcare systems. We identified the most common causes of preventable surgical harm based on adverse and sentinel surgical events reported to The Joint Commission. A comprehensive literature review through a MEDLINE® database search (January 1982 through April 2012) to identify pertinent orthopaedic surgical safety articles found 14 articles. Where gaps in orthopaedic literature were identified, the review was supplemented by 22 nonorthopaedic surgical references. Our final review included 36 articles. Six important surgical safety program elements needed to eliminate preventable surgical harm were identified: (1) effective surgical team communication, (2) proper informed consent, (3) implementation and regular use of surgical checklists, (4) proper surgical site/procedure identification, (5) reduction of surgical team distractions, and (6) routine surgical data collection and analysis to improve the safety and quality of surgical patient care. Successful surgical safety programs require a culture of safety supported by all six key surgical safety program elements, active surgeon champions, and collaborative hospital and/or administrative support designed to enhance surgical safety and improve surgical patient outcomes. Further research measuring improvements from such surgical safety systems in orthopaedic care is needed.

  16. The preliminary edition of nuclear criticality safety handbook of Japan, (5)

    International Nuclear Information System (INIS)

    Sakai, T.; Naito, Y.

    1987-01-01

    Full reflector thickness and isolation thickness of water and ordinary concrete were calculated with the nuclear criticality safety evaluation code system JACS for nuclear criticality safety on fuel facilities. Since these two values depend on physical/chemical property of nuclear fuel and shape/size of array units, it is unreasonable to apply only one value for all neutron interaction problems. In this paper, a simple evaluation method is examined to obtain full reflector thickness and isolation thickness for various cases. The following results are obtained; these two values are expressed as a simple function of neutron migration length of reflector, and this relation is well explained by one-group diffusion theory. With this relation, we proposed a new method to determine full reflector thickness and isolation thickness which are able to be used for criticality safety design. (author)

  17. The Dynamics of Agile Practices for Safety-Critical Software Development

    DEFF Research Database (Denmark)

    Nielsen, Peter Axel; Tordrup Heeager, Lise

    2017-01-01

    This short paper reports from a case study of the agile development of safety-critical software. It utilizes a framework of dynamic relationships between agile practices with the purpose of demonstrating the utility of the framework to understand a case in its context, and it shows significant dynamics. The study is concluded by pointing at which further research on the framework is required to use the framework in managing the agile development of safety-critical software.

  18. Supporting Multiprocessors in the Icecap Safety-Critical Java Run-Time Environment

    DEFF Research Database (Denmark)

    Zhao, Shuai; Wellings, Andy; Korsholm, Stephan Erbs

    2015-01-01

    The current version of the Safety Critical Java (SCJ) specification defines three compliance levels. Level 0 targets single processor programs while Level 1 and 2 can support multiprocessor platforms. Level 1 programs must be fully partitioned but Level 2 programs can also be more globally scheduled. As of yet, there is no official Reference Implementation for SCJ. However, the icecap project has produced a Safety-Critical Java Run-time Environment based on the Hardware-near Virtual Machine (HVM). This supports SCJ at all compliance levels and provides an implementation of the safety-critical Java (javax.safetycritical) package. This is still work-in-progress and lacks certain key features. Among these is the ability to support multiprocessor platforms. In this paper, we explore two possible options to adding multiprocessor support to this environment: the “green thread” and the “native...

  19. Safety applications of computer based systems for the process industry

    International Nuclear Information System (INIS)

    Bologna, Sandro; Picciolo, Giovanni; Taylor, Robert

    1997-11-01

    Computer based systems, generally referred to as Programmable Electronic Systems (PESs) are being increasingly used in the process industry, also to perform safety functions. The process industry as they intend in this document includes, but is not limited to, chemicals, oil and gas production, oil refining and power generation. Starting in the early 1970's the wide application possibilities and the related development problems of such systems were recognized. Since then, many guidelines and standards have been developed to direct and regulate the application of computers to perform safety functions (EWICS-TC7, IEC, ISA). Lessons learnt in the last twenty years can be summarised as follows: safety is a cultural issue; safety is a management issue; safety is an engineering issue. In particular, safety systems can only be properly addressed in the overall system context. No single method can be considered sufficient to achieve the safety features required in many safety applications. Good safety engineering approach has to address not only hardware and software problems in isolation but also their interfaces and man-machine interface problems. Finally, the economic and industrial aspects of the safety applications and development of PESs in process plants are evidenced throughout all the Report. Scope of the Report is to contribute to the development of an adequate awareness of these problems and to illustrate technical solutions applied or being developed

  20. A critical analysis of the majority judgment in F v Minister of Safety ...

    African Journals Online (AJOL)

    The majority judgment of Mogoeng CJ in F v Minister of Safety and Security 2012 1 SA 536 (CC) purports to be a straightforward application of the reasoning of the Constitutional Court in K v Minister of Safety and Security 2005 6 SA 419 (CC), in which the court updated and constitutionalised the "standard test" for vicarious ...

  1. Systems modeling and simulation applications for critical care medicine.

    Science.gov (United States)

    Dong, Yue; Chbat, Nicolas W; Gupta, Ashish; Hadzikadic, Mirsad; Gajic, Ognjen

    2012-06-15

    Critical care delivery is a complex, expensive, error prone, medical specialty and remains the focal point of major improvement efforts in healthcare delivery. Various modeling and simulation techniques offer unique opportunities to better understand the interactions between clinical physiology and care delivery. The novel insights gained from the systems perspective can then be used to develop and test new treatment strategies and make critical care delivery more efficient and effective. However, modeling and simulation applications in critical care remain underutilized. This article provides an overview of major computer-based simulation techniques as applied to critical care medicine. We provide three application examples of different simulation techniques, including a) pathophysiological model of acute lung injury, b) process modeling of critical care delivery, and c) an agent-based model to study interaction between pathophysiology and healthcare delivery. Finally, we identify certain challenges to, and opportunities for, future research in the area.

  2. Software design analysis technique for the development of PLC-based safety-critical systems

    Energy Technology Data Exchange (ETDEWEB)

    Koo, Seo Ryong; Seong, Poong Hyun [Korea Advanced Institute of Science and Technology, Taejeon (Korea, Republic of)

    2005-11-15

    To develop and implement a safety-critical system, the requirements of the system must be analyzed thoroughly during the phases of a software development's life cycle because a single error in the requirements can generate serious software faults. In this study, a nuclear FBD-style design specification and analysis (NuFDS) approach was proposed for PLC based safety-critical systems. The NuFDS approach is suggested in a straightforward manner for the effective and formal specification and analysis of software designs. Accordingly, the proposed NuFDS approach comprises one technique for specifying the software design and another for analyzing the software design.

  3. Definition and means of maintaining the criticality detectors and alarms portion of the PFP safety envelope

    International Nuclear Information System (INIS)

    White, W.F.

    1997-01-01

    The Criticality Alarm System (CAS) provides continuous detection for high radiation (criticality) events and automatically initiates an evacuation signal to affected personnel. The Safety Envelope (SE) for PFP includes the necessary equipment and the required procedures to ensure the CAS is capable of performing its intended function. This document provides the definition and means of maintaining the SE for PFP related to the CAS. This document also identifies and provides a justification for those portions of the CAS excluded from the PFP Safety Envelope

  4. Nuclear Criticality Safety Organization guidance for the development of continuing technical training. Revision 1

    International Nuclear Information System (INIS)

    Carroll, K.J.; Taylor, R.G.; Worley, C.A.

    1997-01-01

    The Nuclear Criticality Safety Organization (NCSO) is committed to developing and maintaining a staff of highly qualified personnel to meet the current and anticipated needs in nuclear criticality safety at the Oak Ridge Y-12 Plant and throughout the DOE complex. Continuing technical training is training outside of the initial qualification program to address identified organization-wide needs. Typically, this training is used to improve organization performance in the conduct of business. This document provides guidelines for the development of the technical portions of the Continuing Training Program. It is not a step-by-step procedure, but a collection of considerations to be used during the development process

  5. Maintaining scale as a reliable computational system for criticality safety analysis

    International Nuclear Information System (INIS)

    Bowmann, S.M.; Parks, C.V.; Martin, S.K.

    1995-01-01

    Accurate and reliable computational methods are essential for nuclear criticality safety analyses. The SCALE (Standardized Computer Analyses for Licensing Evaluation) computer code system was originally developed at Oak Ridge National Laboratory (ORNL) to enable users to easily set up and perform criticality safety analyses, as well as shielding, depletion, and heat transfer analyses. Over the fifteen-year life of SCALE, the mainstay of the system has been the criticality safety analysis sequences that have featured the KENO-IV and KENO-V.A Monte Carlo codes and the XSDRNPM one-dimensional discrete-ordinates code. The criticality safety analysis sequences provide automated material and problem-dependent resonance processing for each criticality calculation. This report details configuration management which is essential because SCALE consists of more than 25 computer codes (referred to as modules) that share libraries of commonly used subroutines. Changes to a single subroutine in some cases affect almost every module in SCALE! Controlled access to program source and executables and accurate documentation of modifications are essential to maintaining SCALE as a reliable code system. The modules and subroutine libraries in SCALE are programmed by a staff of approximately ten Code Managers. The SCALE Software Coordinator maintains the SCALE system and is the only person who modifies the production source, executables, and data libraries. All modifications must be authorized by the SCALE Project Leader prior to implementation

  6. Nuclear knowledge management experience of the International Criticality Safety Benchmark Evaluation Project

    International Nuclear Information System (INIS)

    Briggs, J.B.; Nouri, A.; Dean, V.A.F.

    2004-01-01

    The International Criticality Safety Benchmark Evaluation Project (ICSBEP) was initiated in 1992 by the United States Department of Energy. The ICSBEP became an official activity of the Organization for Economic Cooperation and Development (OECD) -- Nuclear Energy Agency (NEA) in 1995. Representatives from the United States, United Kingdom, France, Japan, the Russian Federation, Hungary, Republic of Korea, Slovenia, Serbia and Montenegro (formerly Yugoslavia), Kazakhstan, Spain, Israel, Brazil, Poland, and the Czech Republic are now participating. South Africa, India, China, and Germany are considering participation. The purpose of the ICSBEP is to identify, evaluate, verify, and formally document a comprehensive and internationally peer-reviewed set of criticality safety benchmark data. The work of the ICSBEP is published as an OECD handbook entitled 'International Handbook of Evaluated Criticality Safety Benchmark Experiments'. The 2004 Edition of the Handbook contains benchmark specifications for 3331 critical or subcritical configurations that are intended for use in validation efforts and for testing basic nuclear data. The Handbook is being used extensively for validation of criticality safety methodologies and nuclear data testing and is expected to be a valuable resource for code and data validation and improvement efforts for decades to come. (author)

  7. Deadline-Aware Deployment for Time Critical Applications in Clouds

    NARCIS (Netherlands)

    Hu, Y.; Wang, J.; Zhou, H.; Martin, P.; Taal, A.; de Laat, C.; Zhao, Z.; Rivera, F.F.; Pena, T.F.; Cabaleiro, J.C.

    2017-01-01

    Time critical applications are appealing to deploy in clouds due to the elasticity of cloud resources and their on-demand nature. However, support for deploying application components with strict deadlines on their deployment is lacking in current cloud providers. This is particularly important for

  8. Nuclear criticality safety experiments, calculations, and analyses: 1958 to 1982. Volume 1. Lookup tables

    International Nuclear Information System (INIS)

    Koponen, B.L.; Hampel, V.E.

    1982-01-01

    This compilation contains 688 complete summaries of papers on nuclear criticality safety as presented at meetings of the American Nuclear Society (ANS). The selected papers contain criticality parameters for fissile materials derived from experiments and calculations, as well as criticality safety analyses for fissile material processing, transport, and storage. The compilation was developed as a component of the Nuclear Criticality Information System (NCIS) now under development at the Lawrence Livermore National Laboratory. The compilation is presented in two volumes: Volume 1 contains a directory to the ANS Transaction volume and page number where each summary was originally published, the author concordance, and the subject concordance derived from the keyphrases in titles. Volume 2 contains - in chronological order - the full-text summaries, reproduced here by permission of the American Nuclear Society from their Transactions, volumes 1-41

  9. Fault tree synthesis for software design analysis of PLC based safety-critical systems

    Energy Technology Data Exchange (ETDEWEB)

    Koo, S. R.; Cho, C. H. [Corporate R and D Inst., Doosan Heavy Industries and Construction Co., Ltd., 39-3, Seongbok-Dong, Yongin-Si, Gyeonggi-Do 449-795 (Korea, Republic of); Seong, P. H. [Dept. of Nuclear and Quantum Engineering, Korea Advanced Inst. of Science and Technology, 373-3 Guseong-dong, Yuseong-gu, Daejeon, 305-701 (Korea, Republic of)

    2006-07-01

    As a software verification and validation should be performed for the development of PLC based safety-critical systems, a software safety analysis is also considered in line with entire software life cycle. In this paper, we propose a technique of software safety analysis in the design phase. Among various software hazard analysis techniques, fault tree analysis is most widely used for the safety analysis of nuclear power plant systems. Fault tree analysis also has the most intuitive notation and makes both qualitative and quantitative analyses possible. To analyze the design phase more effectively, we propose a technique of fault tree synthesis, along with a universal fault tree template for the architecture modules of nuclear software. Consequently, we can analyze the safety of software on the basis of fault tree synthesis. (authors)

  10. Safeguarding Safety Critical Infrastructure with Mobile Robot Inspectors, Opportunities and Challenges

    OpenAIRE

    Sattar, T

    2016-01-01

    Safeguarding Critical Infrastructure with Robotic Inspection, Opportunities and Challenges Reliable Non Destructive Testing (NDT) is vital to the integrity, performance management and sustainability of capital assets in safety critical industries such as oil and gas, aerospace, transportation, power generation and off-shore and subsea operations. The talk will explore opportunities to improve the NDT of industrial structures and decrease the cost of inspection by automating the NDT with mobil...

  11. Criticality safety criteria for the handling, storage, and transportation of LWR fuel outside reactors: ANS-8.17-1984

    International Nuclear Information System (INIS)

    Whitesides, G.E.

    1996-01-01

    The potential for criticality accidents during the handling, storage, and transportation of fuel for nuclear reactors represents a health and safety risk to personnel involved in these activities, as well as to the general public. Appropriate design of equipment and facilities, handling procedures, and personnel training can minimize this risk. Even though the focus of the American National Standard, 'Nuclear Criticality Safety in Operations with Fissionable Materials Outside Reactors,' ANSI/ANS-8.1-1983, is general criteria for the ensurance of criticality safety, ANS-8.17-1984, provides additional guidance applicable to handling, storage, and transportation of light-water-reactor (LWR) nuclear fuel units in any phase of the fuel cycle outside the reactor core. ANS-8.17 had its origin in the late 1970s when a work group consisting of representatives from private industry, personnel from government contractor facilities, and scientists and engineers from the national laboratories was established. The work of this group resulted in the issuance of ANSI/ANS-8.17 in January 1984. This document provides a discussion of this standard

  12. Guidance for the definition and application of probabilistic safety criteria

    International Nuclear Information System (INIS)

    Holmberg, J.-E.; Knochenhauer, M.

    2011-05-01

    The project 'The Validity of Safety Goals' has been financed jointly by NKS (Nordic Nuclear Safety Research), SSM (Swedish Radiation Safety Authority) and the Swedish and Finnish nuclear utilities. The national financing went through NPSAG, the Nordic PSA Group (Swedish contributions) and SAFIR2010, the Finnish research programme on NPP safety (Finnish contributions). The project has been performed in four phases during 2006-2010. This guidance document aims at describing, on the basis of the work performed throughout the project, issues to consider when defining, applying and interpreting probabilistic safety criteria. Thus, the basic aim of the document is to serve as a checklist and toolbox for the definition and application of probabilistic safety criteria. The document describes the terminology and concepts involved, the levels of criteria and relations between these, how to define a probabilistic safety criterion, how to apply a probabilistic safety criterion, on what to apply the probabilistic safety criterion, and how to interpret the result of the application. The document specifically deals with what makes up a probabilistic safety criterion, i.e., the risk metric, the frequency criterion, the PSA used for assessing compliance and the application procedure for the criterion. It also discusses the concept of subsidiary criteria, i.e., different levels of safety goals. The results from the project can be used as a platform for discussions at the utilities on how to define and use quantitative safety goals. The results can also be used by safety authorities as a reference for risk-informed regulation. The outcome can have an impact on the requirements on PSA, e.g., regarding quality, scope, level of detail, and documentation. Finally, the results can be expected to support on-going activities concerning risk-informed applications. (Author)

  13. Guidance for the definition and application of probabilistic safety criteria

    Energy Technology Data Exchange (ETDEWEB)

    Holmberg, J.-E. (VTT Technical Research Centre of Finland (Finland)); Knochenhauer, M. (Scandpower AB (Sweden))

    2011-05-15

    The project 'The Validity of Safety Goals' has been financed jointly by NKS (Nordic Nuclear Safety Research), SSM (Swedish Radiation Safety Authority) and the Swedish and Finnish nuclear utilities. The national financing went through NPSAG, the Nordic PSA Group (Swedish contributions) and SAFIR2010, the Finnish research programme on NPP safety (Finnish contributions). The project has been performed in four phases during 2006-2010. This guidance document aims at describing, on the basis of the work performed throughout the project, issues to consider when defining, applying and interpreting probabilistic safety criteria. Thus, the basic aim of the document is to serve as a checklist and toolbox for the definition and application of probabilistic safety criteria. The document describes the terminology and concepts involved, the levels of criteria and relations between these, how to define a probabilistic safety criterion, how to apply a probabilistic safety criterion, on what to apply the probabilistic safety criterion, and how to interpret the result of the application. The document specifically deals with what makes up a probabilistic safety criterion, i.e., the risk metric, the frequency criterion, the PSA used for assessing compliance and the application procedure for the criterion. It also discusses the concept of subsidiary criteria, i.e., different levels of safety goals. The results from the project can be used as a platform for discussions at the utilities on how to define and use quantitative safety goals. The results can also be used by safety authorities as a reference for risk-informed regulation. The outcome can have an impact on the requirements on PSA, e.g., regarding quality, scope, level of detail, and documentation. Finally, the results can be expected to support on-going activities concerning risk-informed applications. (Author)

  14. Study on application of safety checklist in preventive maintenance activities

    International Nuclear Information System (INIS)

    Shi Jin; Chen Song; Liu Jingquan

    2013-01-01

    The paper describes the principles and the characteristics of safety checklist as a risk evaluation method. Examples of application of safety checklists to preventive maintenance activities such as criteria comparison and checkup items in place in nuclear power plants are illustrated in detail with issues appeared in the checklist establishment. Checklist has a good application in the RCM analysis or in the actual preventive maintenance program for Chashma Nuclear Power Plant indicated by concrete instances. In the light of safety checklist which is used to sustain preventive maintenance as a simple and applicable risk analysis approach, we can get deep knowledge of risks of nuclear power plant to perfect preventive maintenance activities. (authors)

  15. A reliability evaluation method for NPP safety DCS application software

    International Nuclear Information System (INIS)

    Li Yunjian; Zhang Lei; Liu Yuan

    2014-01-01

    In the field of nuclear power plant (NPP) digital I and C application, reliability evaluation for safety DCS application software is a key obstacle to be removed. In order to quantitatively evaluate reliability of NPP safety DCS application software, this paper proposes a reliability evaluating method based on software development life cycle every stage's V and V defects density characteristics, by which the operating reliability level of the software can be predicted before its delivery, and helps to improve the reliability of NPP safety important software. (authors)

  16. Safety, danger and catastrophe inevitability in operation of safety-critical software algorithms: a possible new look at software safety analysis

    International Nuclear Information System (INIS)

    Povyakalo, A.A.

    2000-01-01

    The paper provides basic definitions and describes the basic procedure of the Formal Qualitative Safety Analysis (FQSA) of critical software algorithms. The procedure is described by C-based pseudo-code. It uses the notion of weakest precondition and representation of a given critical algorithm by a Gurevich's Abstract State Machine (GASM). For a given GASM and a given Catastrophe Condition the procedure results in a Catastrophe Inevitability Condition (it means that every sequence of algorithm steps lead to a catastrophe early or late), Danger Condition (it means that next step may lead to a catastrophe or make a catastrophe to be inevitable, but a catastrophe may be prevented yet), Safety Condition (it means that a next step can not lead to a catastrophe or make a catastrophe to be inevitable). The using of proposed procedure is illustrated by a simplest test example of algorithm. The FQSA provides a logical basis for PSA of critical algorithm. (author)

  17. Development and applications of a safety assessment system for promoting safety culture in nuclear power plants

    International Nuclear Information System (INIS)

    Takano, Ken-ichi; Hasegawa, Naoko; Hirose, Ayako; Hayase, Ken-ichi

    2004-01-01

    For the past five years, CRIEPI has been continuing efforts to develop and make applications of a 'safety assessment system' which enables measurement of the safety level of an organization. This report describes the frame of the system, assessment results and its reliability, and relation between labor accident rate in the site and total safety index (TSI), which can be obtained by the principal factors analysis. The safety assessment in this report is based on questionnaire survey of employee. The format and concrete questionnaires were developed using existing literatures including organizational assessment tools. The tailored questionnaire format involved 124 questionnaire items. The assessment results could be considered as a good indicator of the safety level of organization, safety management, and safety awareness of employee. (author)

  18. Safety-barrier diagrams as a tool for modelling safety of hydrogen applications

    DEFF Research Database (Denmark)

    Duijm, Nijs Jan; Markert, Frank

    2009-01-01

    Safety-barrier diagrams have proven to be a useful tool in documenting the safety measures taken to prevent incidents and accidents in process industry. Especially during the introduction of new hydrogen technologies or applications, as e.g. hydrogen refuelling stations, safety-barrier diagrams are considered a valuable supplement to other traditional risk analysis tools to support the communication with authorities and other stakeholders during the permitting process. Another advantage of safety-barrier diagrams is that they highlight the importance of functional and reliable safety barriers in any system and here is a direct focus on those barriers that need to be subject to safety management in terms of design and installation, operational use, inspection and monitoring, and maintenance. Safety-barrier diagrams support both quantitative and qualitative approaches. The paper will describe...

  19. A study on quantitative V and V of safety-critical software

    International Nuclear Information System (INIS)

    Eom, H. S.; Kang, H. G.; Chang, S. C.; Ha, J. J.; Son, H. S.

    2004-03-01

    Recently practical needs have required quantitative features for the software reliability for Probabilistic Safety Assessment which is one of the important methods being used in assessing the overall safety of nuclear power plant. But the conventional assessment methods of software reliability could not provide enough information for PSA of NPP, therefore current assessments of a digital system which includes safety-critical software usually exclude the software part or use arbitrary values. This paper describes a Bayesian Belief Networks based method that models the rule-based qualitative software assessment method for a practical use and can produce quantitative results for PSA. The framework was constructed by utilizing BBN that can combine the qualitative and quantitative evidence relevant to the reliability of safety-critical software and can infer a conclusion in a formal and a quantitative way. The case study was performed by applying the method for assessing the quality of software requirement specification of safety-critical software that will be embedded in reactor protection system

  20. Operation, Safety and Human: Critical Factors for the Success of Railway Transportation

    NARCIS (Netherlands)

    Rajabali Nejad, Mohammadreza; Martinetti, Alberto; van Dongen, Leonardus Adriana Maria

    2016-01-01

    This paper focuses on three categories of performance indicators for railway transportation: the excellence of operation, system safety and human factors. These are among the most critical indicators for delivering high quality services. This paper discusses the main issues, challenges and future

  1. Safety analysis of the Los Alamos critical experiments facility: burst operation of Skua

    International Nuclear Information System (INIS)

    Orndoff, J.D.; Paxton, H.C.; Wimett, T.F.

    1980-12-01

    Detailed consideration of the Skua burst assembly is provided, thereby supplementing the facility Safety Analysis Report covering the operation of other critical assemblies at the Los Alamos Scientific Laboratory. As with these assemblies the small fission-product inventory, ambient pressure, and moderate temperatures in Skua are amenable to straightforward measures to ensure the protection of the public

  2. Cyclic executive for safety-critical Java on chip-multiprocessors

    DEFF Research Database (Denmark)

    Ravn, Anders P.; Schoeberl, Martin

    2010-01-01

    , that uses model checking to find a static schedule, if one exists at all, which gives an implementation of a table driven multiprocessor scheduler. To evaluate the proposed cyclic executive for multiprocessors we have implemented it in the context of safety-critical Java on a Java processor....

  3. Criticality safety and sensitivity analyses of PWR spent nuclear fuel repository facilities

    NARCIS (Netherlands)

    Maucec, M; Glumac, B

    Monte Carlo criticality safety and sensitivity calculations of pressurized water reactor (PWR) spent nuclear fuel repository facilities for the Slovenian nuclear power plant Krsko are presented. The MCNP4C code was deployed to model and assess the neutron multiplication parameters of pool-based

  4. Expressing best practices in (risk) analysis and testing of safety-critical systems using patterns

    DEFF Research Database (Denmark)

    Herzner, Wolfgang; Sieverding, Sven; Kacimi, Omar

    2014-01-01

    The continuing pervasion of our society with safety-critical cyber-physical systems not only demands for adequate (risk) analysis, testing and verification techniques, it also generates growing experience on their use, which can be considered as important as the tools themselves for their efficient...

  5. The integrated criticality safety evaluation for the Hanford tank waste treatment and immobilization plant

    International Nuclear Information System (INIS)

    Losey, D. C.; Miles, R. E.; Perks, M. F.

    2009-01-01

    The Criticality Safety Evaluation Report (CSER) for the Hanford Tank Waste Treatment and Immobilization Plant (WTP) has been developed as a single, integrated evaluation with a scope that covers all of the planned WTP operations. This integrated approach is atypical, as the scopes of criticality evaluations are usually more narrowly defined. Several adjustments were made in developing the WTP CSER, but the primary changes were to provide introductory overview for the criticality safety control strategy and to provide in-depth analysis of the underlying physical and chemical mechanisms that contribute to ensuring safety. The integrated approach for the CSER allowed a more consistent evaluation of safety and avoided redundancies that occur when evaluation is distributed over multiple documents. While the approach used with the WTP CSER necessitated more coordination and teamwork, it has yielded a report that is more integrated and concise than is typical. The integrated approach with the CSER produced a simple criticality control scheme that uses relatively few controls. (authors)

  6. Applications of nuclear safety probabilistic risk assessment to nuclear security for optimized risk mitigation

    Energy Technology Data Exchange (ETDEWEB)

    Donnelly, S.K.; Harvey, S.B. [Amec Foster Wheeler, Toronto, Ontario (Canada)

    2016-06-15

    Critical infrastructure assets such as nuclear power generating stations are potential targets for malevolent acts. Probabilistic methodologies can be applied to evaluate the real-time security risk based upon intelligence and threat levels. By employing this approach, the application of security forces and other protective measures can be optimized. Existing probabilistic safety analysis (PSA) methodologies and tools employed in the nuclear industry can be adapted to security applications for this purpose. Existing PSA models can also be adapted and enhanced to consider total plant risk, due to nuclear safety risks as well as security risks. By creating a Probabilistic Security Model (PSM), safety and security practitioners can maximize the safety and security of the plant while minimizing the significant costs associated with security upgrades and security forces. (author)

  7. OECD/NEA working party on nuclear criticality safety: Challenge of new realities

    International Nuclear Information System (INIS)

    Nomura, Y.; Brady, M.C.; Briggs, J.B.; Sartori, E.

    1998-01-01

    New issues in criticality safety continue to emerge as spent fuel storage facilities reach the saturation point, fuel enrichments and burn-ups increase and new types of plutonium-carrying fuels are being developed. The new challenges related to the manipulation, transportation and storage of fuel demand further work to improve models predicting behavior through new experiments, especially where there is a lack of data in the present databases. This article summarizes the activities of the OECD/NEA working groups that coordinate and carry out work in the domain of criticality safety. Particular attention is devoted to establishing sound databases required in this area and to addressing issues of high relevance such as burn-up credit. This is aimed toward improving safety and identifying economic solutions to issues concerning the back end of the fuel cycle

  8. OECD/NEA working party on nuclear criticality safety: challenge of new realities

    International Nuclear Information System (INIS)

    Nomura, Y.; Brady, M.C.; Briggs, J.B.; Sartori, E.

    1998-01-01

    New issues in criticality safety continue to emerge as spent fuel storage facilities reach the saturation point, fuel enrichments and burn-ups increase and new types of plutonium-carrying fuels are being developed. The new challenges related to the manipulation, transportation and storage of fuel demand further work to improve models predicting behaviour through new experiments, especially where there is a lack of data in the present databases. This article summarizes the activities of the OECD/NEA working groups that co-ordinate and carry out work in the domain of criticality safety. Particular attention is devoted to establishing sound databases required in this area and to addressing issues of high relevance such as burn-up credit. This is aimed toward improving safety and identifying economic solutions to issues concerning the back end of the fuel cycle. (authors)

  9. Lessons learned from a criticality safety case for historic PCM waste retrieval

    International Nuclear Information System (INIS)

    Kirkwood, David

    2003-01-01

    Plutonium Contaminated Material arises as a solid waste at the United Kingdom Sellafield Site. Its disposal route entails it being packaged into 200 litre mild steel drums which are currently placed in interim surface stores in large multi-layered arrays. Within one of the original Sellafield buildings, a large number of such drums accumulated in an area known as the South Solvent Cells during the late 1960s and early 1970s. They have remained there largely untouched until retrieval operations commenced in 2002. From the outset, significant operational difficulties were encountered which led to a cessation of the retrieval operations after the processing of only twelve historic drums. These difficulties had their origins in the requirements of the criticality safety case and calibration of the plutonium assay instrumentation which supported the retrieval operations. This paper describes the remedial actions taken to address these difficulties which have allowed a successful resumption of waste retrieval operations and highlights learning points which have general applicability to any decommissioning or historic waste retrieval project that involves the fissile assay of plutonium (and 235U) contaminated plant. (author)

  10. Impact of Fuel Failure on Criticality Safety of Used Nuclear Fuel

    International Nuclear Information System (INIS)

    Marshall, William J.; Wagner, John C.

    2012-01-01

    Commercial used nuclear fuel (UNF) in the United States is expected to remain in storage for considerably longer periods than originally intended (e.g., 45 GWd/t) may increase the potential for fuel failure during normal and accident conditions involving storage and transportation. Fuel failure, depending on the severity, can result in changes to the geometric configuration of the fuel, which has safety and regulatory implications. The likelihood and extent of fuel reconfiguration and its impact on the safety of the UNF is not well understood. The objective of this work is to assess and quantify the impact of fuel reconfiguration due to fuel failure on criticality safety of UNF in storage and transportation casks. This effort is primarily motivated by concerns related to the potential for fuel degradation during ES periods and transportation following ES. The criticality analyses consider representative UNF designs and cask systems and a range of fuel enrichments, burnups, and cooling times. The various failed-fuel configurations considered are designed to bound the anticipated effects of individual rod and general cladding failure, fuel rod deformation, loss of neutron absorber materials, degradation of canister internals, and gross assembly failure. The results quantify the potential impact on criticality safety associated with fuel reconfiguration and may be used to guide future research, design, and regulatory activities. Although it can be concluded that the criticality safety impacts of fuel reconfiguration during transportation subsequent to ES are manageable, the results indicate that certain configurations can result in a large increase in the effective neutron multiplication factor, k_eff. Future work to inform decision making relative to which configurations are credible, and therefore need to be considered in a safety evaluation, is recommended.

  11. General principles of the nuclear criticality safety for handling, processing and transportation fissile materials in the USSR

    International Nuclear Information System (INIS)

    Vnukov, V.S.; Rjazanov, B.G.; Sviridov, V.I.; Frolov, V.V.; Zubkov, Y.N.

    1991-01-01

    The paper describes the general principles of nuclear criticality safety for handling, processing, transportation and fissile materials storing. Measures to limit the consequences of critical accidents are discussed for the fuel processing plants and fissile materials storage. The system of scientific and technical measures on nuclear criticality safety as well as the system of control and state supervision based on the rules, limits and requirements are described. The criticality safety aspects for various stages of handling nuclear materials are considered. The paper gives descriptions of the methods and approaches for critical risk assessments for the processing facilities, plants and storages. (Author)

  12. Transit safety retrofit package development : applications requirements document.

    Science.gov (United States)

    2014-05-01

    This Application Requirements Document for the Transit Safety Retrofit Package (TRP) Development captures the system, hardware and software requirements towards fulfilling the technical objectives stated within the contract. To achieve the object...

  13. A study of RFID application impacts on medical safety.

    Science.gov (United States)

    Chang, She-I; Ou, Chin-Shyh; Ku, Cheng-Yuan; Yang, Morris

    2008-01-01

    With the international reform in medical management systems gaining ground worldwide, hospital management has gradually begun to shift its focus from providing expensive medical treatment to improving medical service quality and patient safety. In this study, we discuss the application of Radio Frequency Identification (RFID) and data integrating technology with the medical service, and examine whether or not this technology can enhance medical safety. We also discuss the possible benefits following the application of the RFID system. The findings show that the application of RFID to hospitals can actually generate benefits, which can be further divided into operational structure benefits, users' structure benefits, and organisational and environmental benefits. However, not all these benefits can achieve medical safety. Among them, only the operator and environmental benefits can play such roles. Nevertheless, the application of RFID can bring hospitals towards the integration of technology benefits and improved medical safety.

  14. Application of Software Safety Analysis Methods

    International Nuclear Information System (INIS)

    Park, G. Y.; Hur, S.; Cheon, S. W.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.; Lee, S. J.; Koo, Y. H.

    2009-01-01

    A fully digitalized reactor protection system, which is called the IDiPS-RPS, was developed through the KNICS project. The IDiPS-RPS has four redundant and separated channels. Each channel is mainly composed of a group of bistable processors which redundantly compare process variables with their corresponding setpoints and a group of coincidence processors that generate a final trip signal when a trip condition is satisfied. Each channel also contains a test processor called the ATIP and a display and command processor called the COM. All the functions were implemented in software. During the development of the safety software, various software safety analysis methods were applied, in parallel to the verification and validation (V and V) activities, along the software development life cycle. The software safety analysis methods employed were the software hazard and operability (Software HAZOP) study, the software fault tree analysis (Software FTA), and the software failure modes and effects analysis (Software FMEA)

  15. Proceedings of the workshop on integral experiment covariance data for critical safety validation

    Energy Technology Data Exchange (ETDEWEB)

    Stuke, Maik (ed.)

    2016-04-15

    For some time, attempts to quantify the statistical dependencies of critical experiments and to account for them properly in validation procedures were discussed in the literature by various groups. Besides the development of suitable methods especially the quality and modeling issues of the freely available experimental data are in the focus of current discussions, carried out for example in the Expert Group on Uncertainty Analysis for Criticality Safety Assessment (UACSA) of the OECD-NEA Nuclear Science Committee. The same committee compiles and publishes also the freely available experimental data in the International Handbook of Evaluated Criticality Safety Benchmark Experiments. Most of these experiments were performed as series and might share parts of experimental setups leading to correlated results. The quality of the determination of these correlations and the underlying covariance data depend strongly on the quality of the documentation of experiments.

  16. Real-time software use in nuclear materials handling criticality safety control

    International Nuclear Information System (INIS)

    Huang, S.; Lappa, D.; Chiao, T.; Parrish, C.; Carlson, R.; Lewis, J.; Shikany, D.; Woo, H.

    1997-01-01

    This paper addresses the use of real-time software to assist handlers of fissionable nuclear material. We focus specifically on the issue of workstation mass limits, and the need for handlers to be aware of, and check against, those mass limits during material transfers. Here "mass limits" generally refer to criticality safety mass limits; however, in some instances, workstation mass limits for some materials may be governed by considerations other than criticality, e.g., fire or release consequence limitation. As a case study, we provide a simplified reliability comparison of the use of a manual two handler system with a software-assisted two handler system. We identify the interface points between software and handlers that are relevant to criticality safety

  17. Proceedings of the workshop on integral experiment covariance data for critical safety validation

    International Nuclear Information System (INIS)

    Stuke, Maik

    2016-04-01

    For some time, attempts to quantify the statistical dependencies of critical experiments and to account for them properly in validation procedures were discussed in the literature by various groups. Besides the development of suitable methods especially the quality and modeling issues of the freely available experimental data are in the focus of current discussions, carried out for example in the Expert Group on Uncertainty Analysis for Criticality Safety Assessment (UACSA) of the OECD-NEA Nuclear Science Committee. The same committee compiles and publishes also the freely available experimental data in the International Handbook of Evaluated Criticality Safety Benchmark Experiments. Most of these experiments were performed as series and might share parts of experimental setups leading to correlated results. The quality of the determination of these correlations and the underlying covariance data depend strongly on the quality of the documentation of experiments.

  18. Validation of Safety-Critical Systems for Aircraft Loss-of-Control Prevention and Recovery

    Science.gov (United States)

    Belcastro, Christine M.

    2012-01-01

    Validation of technologies developed for loss of control (LOC) prevention and recovery poses significant challenges. Aircraft LOC can result from a wide spectrum of hazards, often occurring in combination, which cannot be fully replicated during evaluation. Technologies developed for LOC prevention and recovery must therefore be effective under a wide variety of hazardous and uncertain conditions, and the validation framework must provide some measure of assurance that the new vehicle safety technologies do no harm (i.e., that they themselves do not introduce new safety risks). This paper summarizes a proposed validation framework for safety-critical systems, provides an overview of validation methods and tools developed by NASA to date within the Vehicle Systems Safety Project, and develops a preliminary set of test scenarios for the validation of technologies for LOC prevention and recovery

  19. Safety Evaluation Report, related to the renewal of the operating license for the critical experiment facility of the Rensselaer Polytechnic Institute (Docket No. 50-225)

    International Nuclear Information System (INIS)

    1983-10-01

    This Safety Evaluation Report for the application filed by the Rensselaer Polytechnic Institute (RPI) for a renewal of operating license CX-22 to continue to operate a critical experiment facility has been prepared by the Office of Nuclear Reactor Regulation of the US Nuclear Regulatory Commission. The facility is owned and operated by Rensselaer Polytechnic Institute and is located at a site in the city of Schenectady, New York. The staff concludes that this critical facility can continue to be operated by RPI without endangering the health and safety of the public

  20. Commercial grade item (CGI) dedication of MDR relays for nuclear safety related applications

    Science.gov (United States)

    Das, Ranjit K.; Julka, Anil; Modi, Govind

    1994-08-01

    MDR relays manufactured by Potter & Brumfield (P&B) have been used in various safety related applications in commercial nuclear power plants. These include emergency safety features (ESF) actuation systems, emergency core cooling systems (ECCS) actuation, and reactor protection systems. The MDR relays manufactured prior to May 1990 showed signs of generic failure due to corrosion and outgassing of coil varnish. P&B has made design changes to correct these problems in relays manufactured after May 1990. However, P&B does not manufacture the relays under any 10CFR50 Appendix B quality assurance (QA) program. They manufacture the relays under their commercial QA program and supply these as commercial grade items. This necessitates CGI Dedication of these relays for use in nuclear-safety-related applications. This paper presents a CGI dedication program that has been used to dedicate the MDR relays manufactured after May 1990. The program is in compliance with current Nuclear Regulatory Commission (NRC) and Electric Power Research Institute (EPRI) guidelines and applicable industry standards; it specifies the critical characteristics of the relays, provides the tests and analysis required to verify the critical characteristics, the acceptance criteria for the test results, performs source verification to qualify P&B for its control of the critical characteristics, and provides documentation. The program provides reasonable assurance that the new MDR relays will perform their intended safety functions.

  1. Some Challenges in the Design of Human-Automation Interaction for Safety-Critical Systems

    Science.gov (United States)

    Feary, Michael S.; Roth, Emilie

    2014-01-01

    Increasing amounts of automation are being introduced to safety-critical domains. While the introduction of automation has led to an overall increase in reliability and improved safety, it has also introduced a class of failure modes, and new challenges in risk assessment for the new systems, particularly in the assessment of rare events resulting from complex inter-related factors. Designing successful human-automation systems is challenging, and the challenges go beyond good interface development (e.g., Roth, Malin, & Schreckenghost 1997; Christoffersen & Woods, 2002). Human-automation design is particularly challenging when the underlying automation technology generates behavior that is difficult for the user to anticipate or understand. These challenges have been recognized in several safety-critical domains, and have resulted in increased efforts to develop training, procedures, regulations and guidance material (CAST, 2008, IAEA, 2001, FAA, 2013, ICAO, 2012). This paper points to the continuing need for new methods to describe and characterize the operational environment within which new automation concepts are being presented. We will describe challenges to the successful development and evaluation of human-automation systems in safety-critical domains, and describe some approaches that could be used to address these challenges. We will draw from experience with the aviation, spaceflight and nuclear power domains.

  2. Requirement analysis of the safety-critical software implementation for the nuclear power plant

    International Nuclear Information System (INIS)

    Chang, Hoon Seon; Jung, Jae Cheon; Kim, Jae Hack; Nam, Sang Ku; Kim, Hang Bae

    2005-01-01

    The safety critical software shall be implemented under the strict regulation and standards along with hardware qualification. In general, the safety critical software has been implemented using functional block language (FBL) and structured language like C in the real project. Software design shall comply with such characteristics as; modularity, simplicity, minimizing the use of sub-routine, and excluding the interrupt logic. To meet these prerequisites, we used the computer-aided software engineering (CASE) tool to substantiate the requirements traceability matrix that were manually developed using Word processors or Spreadsheets. And the coding standard and manual have been developed to confirm the quality of software development process, such as; readability, consistency, and maintainability in compliance with NUREG/CR-6463. System level preliminary hazard analysis (PHA) is performed by analyzing preliminary safety analysis report (PSAR) and FMEA document. The modularity concept is effectively implemented for the overall module configurations and functions using RTP software development tool. The response time imposed on the basis of the deterministic structure of the safety-critical software was measured

  3. A new approach to the criticality safety assessment of PCM at BNFL Sellafield

    International Nuclear Information System (INIS)

    Darby, Sam; Kirkwood, Dave

    2003-01-01

    Plutonium Contaminated Material (PCM) arises as a solid waste on the Sellafield Site and is packaged into 200 litre drums which are placed into interim surface storage arrays. These wastes may also contain ²³⁵U. The traditional approach to criticality safety has been based on "worst-case" reactivity modelling. This has recently led to a number of difficulties by implying that the 230 g (Pu + ²³⁵U) drum limit is very important for criticality safety and the assay instruments used to demonstrate compliance with the limit need a high level of safety reliability. Also, the reliability and accuracy of the assay results of historical or legacy PCM became an issue. The new focus on substantiation of safety related equipment in BNFL has highlighted reliability shortfalls for the assay instruments. To overcome these shortfalls, additional operational practices on the PCM handling regimes were introduced to give increased confidence in the fissile assay results. These practices significantly delayed processing PCM waste stocks and resulted in significant additional operator dose uptake. Thus there were strong reasons to improve the existing approach. This paper describes a new approach to the criticality modelling of PCM. (author)

  4. Quality and safety: reflection on the implications for critical care nursing education.

    Science.gov (United States)

    Baid, Heather; Hargreaves, Jessica

    2015-07-01

    Safe and high quality health care is underpinned by health care professionals possessing the knowledge, skills and professional attributes which are necessary for their specific clinical speciality and area of practice. Education is crucial as it enables clinicians to learn and put into practice their specialist knowledge, skills and attributes. These elements will be based on clinical standards, which set the agenda for quality and safety in health care. The purpose of this paper is to reflect upon how a post-registration, degree-level critical care nursing course provided by an English university facilitates nurses to deliver high quality, safe nursing care for critically ill patients and their families. As a reflective analysis, the process of reflection will be guided and structured according to Rolfe's framework for reflective practice. The reflection is based upon the personal observations and teaching experiences of two university lecturers involved in the delivery of the critical care course. Critical care nursing education can incorporate informed practice, simulation and non-technical skills into post-registration critical-care nursing courses as a way of promoting high-quality, safe clinical practice in the critical care setting. This article provides examples from one course's experience with doing this and ends with specific recommendations for how critical care nursing courses can enhance further the promotion of quality and safety. Educators, mentors and students of post-registration critical care nursing courses are encouraged to explore the relevance of nursing education in promoting safe and high-quality clinical practice. © 2015 British Association of Critical Care Nurses.

  5. Safety Framework for Nuclear Power Source Applications in Outer Space

    International Nuclear Information System (INIS)

    2009-01-01

    Nuclear power sources (NPS) for use in outer space have been developed and used in space applications where unique mission requirements and constraints on electrical power and thermal management precluded the use of non-nuclear power sources. Such missions have included interplanetary missions to the outer limits of the Solar System, for which solar panels were not suitable as a source of electrical power because of the long duration of these missions at great distances from the Sun. According to current knowledge and capabilities, space NPS are the only viable energy option to power some space missions and significantly enhance others. Several ongoing and foreseeable missions would not be possible without the use of space NPS. Past, present and foreseeable space NPS applications include radioisotope power systems (for example, radioisotope thermoelectric generators and radioisotope heater units) and nuclear reactor systems for power and propulsion. The presence of radioactive materials or nuclear fuels in space NPS and their consequent potential for harm to people and the environment in Earth's biosphere due to an accident require that safety should always be an inherent part of the design and application of space NPS. NPS applications in outer space have unique safety considerations compared with terrestrial applications. Unlike many terrestrial nuclear applications, space applications tend to be used infrequently and their requirements can vary significantly depending upon the specific mission. Mission launch and outer space operational requirements impose size, mass and other space environment limitations not present for many terrestrial nuclear facilities. For some applications, space NPS must operate autonomously at great distances from Earth in harsh environments. Potential accident conditions resulting from launch failures and inadvertent re-entry could expose NPS to extreme physical conditions. These and other unique safety considerations for the use of

  6. Mobile healthcare applications: system design review, critical issues and challenges.

    Science.gov (United States)

    Baig, Mirza Mansoor; GholamHosseini, Hamid; Connolly, Martin J

    2015-03-01

    Mobile phones are becoming increasingly important in monitoring and delivery of healthcare interventions. They are often considered as pocket computers, due to their advanced computing features, enhanced preferences and diverse capabilities. Their sophisticated sensors and complex software applications make the mobile healthcare (m-health) based applications more feasible and innovative. In a number of scenarios user-friendliness, convenience and effectiveness of these systems have been acknowledged by both patients as well as healthcare providers. M-health technology employs advanced concepts and techniques from multidisciplinary fields of electrical engineering, computer science, biomedical engineering and medicine which benefit the innovations of these fields towards healthcare systems. This paper deals with two important aspects of current mobile phone based sensor applications in healthcare. Firstly, critical review of advanced applications such as; vital sign monitoring, blood glucose monitoring and in-built camera based smartphone sensor applications. Secondly, investigating challenges and critical issues related to the use of smartphones in healthcare including; reliability, efficiency, mobile phone platform variability, cost effectiveness, energy usage, user interface, quality of medical data, and security and privacy. It was found that the mobile based applications have been widely developed in recent years with fast growing deployment by healthcare professionals and patients. However, despite the advantages of smartphones in patient monitoring, education, and management there are some critical issues and challenges related to security and privacy of data, acceptability, reliability and cost that need to be addressed.

  7. Definition and means of maintaining the criticality detectors and alarms portion of the PFP safety envelope

    Energy Technology Data Exchange (ETDEWEB)

    White, W.F.

    1997-05-13

    The purpose of this document is to provide the definition and means of maintaining the Safety Envelope (SE) related to the Criticality Alarm System (CAS). This document provides amplification of the Limiting Condition for Operation (LCO) described in the Plutonium Finishing Plant (PFP) Operational Safety Requirements (OSR), WHC-SD-CP-OSR-010, Rev. 0, 1994, Section 3.1.2, Criticality Detectors and Alarms. This document, with its appendices, provides the following: (1) System functional requirements for determining system operability (Section 3); (2) A list of annotated system block diagrams which indicate the safety envelope boundaries (Appendix C); (3) A list of the Safety Class 1 and 2 Safety Envelope (SC-1/2 SE) equipment for input into the Master Component Index (Appendix B); (4) Functional requirements for individual SC-1/2 SE components, including appropriate setpoints and process parameters (Section 6 and Appendix A); (5) A list of the operational, maintenance and surveillance procedures necessary to operate and maintain the SC-1/2 SE components as required by the LCO (Section 6 and Appendix A).

  8. The Evaluation of the Safety Benefits of Combined Passive and On-Board Active Safety Applications

    Science.gov (United States)

    Page, Yves; Cuny, Sophie; Zangmeister, Tobias; Kreiss, Jens-Peter; Hermitte, Thierry

    2009-01-01

    One of the objectives of the European TRACE project (TRaffic Accident Causation in Europe, 2006–2008) was to estimate the proportion of injury accidents that could be avoided and/or the proportion of injury accidents where the severity could be mitigated for on-the-market safety applications, if 100 % of the car fleet would be equipped with them. We have selected for evaluation the Electronic Stability Control (ESC) and the Emergency Brake Assist (EBA) applications. As for passive safety systems, recent cars are designed to offer overall safety protection. Car structure, load limiters, front airbags, side airbags, knee airbags, pretensioners, padding and non aggressive structures in the door panel, the dashboard, the windshield, the seats, and the head rest also contribute to applying more protection. The whole safety package is very difficult to evaluate separately, one element independently segmented from the others. We decided to consider evaluating the effectiveness of the whole passive safety package. This package, for the sake of simplicity, was the number of stars awarded at the Euro NCAP testing. The challenges were to compare the effectiveness of some safety configuration SC I, with the effectiveness of a different safety configuration SC II. A safety configuration is understood as a package of safety functions. Ten comparisons have been carried out such as the evaluation of the safety benefit of a fifth star given that the car has four stars and an EBA. The main outcome of this analysis is that any addition of a passive or active safety function selected in this analysis is producing increased safety benefits. For example, if all cars were five stars fitted with EBA and ESC, instead of four stars without ESC and EBA, injury accidents would be reduced by 47.2% for severe injuries and 69.5% for fatal injuries. PMID:20184838

  9. The evaluation of the safety benefits of combined passive and on-board active safety applications.

    Science.gov (United States)

    Page, Yves; Cuny, Sophie; Zangmeister, Tobias; Kreiss, Jens-Peter; Hermitte, Thierry

    2009-10-01

    One of the objectives of the European TRACE project (TRaffic Accident Causation in Europe, 2006-2008) was to estimate the proportion of injury accidents that could be avoided and/or the proportion of injury accidents where the severity could be mitigated for on-the-market safety applications, if 100 % of the car fleet would be equipped with them. We have selected for evaluation the Electronic Stability Control (ESC) and the Emergency Brake Assist (EBA) applications. As for passive safety systems, recent cars are designed to offer overall safety protection. Car structure, load limiters, front airbags, side airbags, knee airbags, pretensioners, padding and non aggressive structures in the door panel, the dashboard, the windshield, the seats, and the head rest also contribute to applying more protection. The whole safety package is very difficult to evaluate separately, one element independently segmented from the others. We decided to consider evaluating the effectiveness of the whole passive safety package. This package, for the sake of simplicity, was the number of stars awarded at the Euro NCAP testing. The challenges were to compare the effectiveness of some safety configuration SC I, with the effectiveness of a different safety configuration SC II. A safety configuration is understood as a package of safety functions. Ten comparisons have been carried out such as the evaluation of the safety benefit of a fifth star given that the car has four stars and an EBA. The main outcome of this analysis is that any addition of a passive or active safety function selected in this analysis is producing increased safety benefits. For example, if all cars were five stars fitted with EBA and ESC, instead of four stars without ESC and EBA, injury accidents would be reduced by 47.2% for severe injuries and 69.5% for fatal injuries.

  10. Validation of Nuclear Criticality Safety Software and 27 energy group ENDF/B-IV cross sections

    Energy Technology Data Exchange (ETDEWEB)

    Lee, B.L. Jr.

    1994-08-01

    The validation documented in this report is based on calculations that were executed during June through August 1992, and was completed in June 1993. The statistical analyses in Appendix C and Appendix D were completed in October 1993. This validation gives Portsmouth NCS personnel a basis for performing computerized KENO V.a calculations using the Martin Marietta Nuclear Criticality Safety Software. The first portion of the document outlines basic information in regard to validation of NCSS using ENDF/B-IV 27-group cross sections on the IBM 3090 at ORNL. A basic discussion of the NCSS system is provided, some discussion on the validation database and validation in general. Then follows a detailed description of the statistical analysis which was applied. The results of this validation indicate that the NCSS software may be used with confidence for criticality calculations at the Portsmouth Gaseous Diffusion Plant. When the validation results are treated as a single group, there is 95% confidence that 99.9% of future calculations of similar critical systems will have a calculated K_eff > 0.9616. Based on this result the Portsmouth Nuclear Criticality Safety Department has adopted the calculational acceptance criteria that a k_eff + 2σ ≤ 0.95 is safely subcritical. The validation of NCSS on the IBM 3090 at ORNL was extended to include NCSS on the IBM 3090 at K-25.

  11. Application of Fuzzy theory to project scheduling with critical path ...

    African Journals Online (AJOL)

    Application of Fuzzy theory to project scheduling with critical path method. ... Journal of Applied Sciences and Environmental Management ... theory. The crisp activity durations are modeled as triangular fuzzy sets. Fuzzy forward pass was carried out to determine fuzzy activity earliest start, fuzzy event earliest time and fuzzy ...

  12. A critical evaluation of the operational application of various ...

    African Journals Online (AJOL)

    This article critically evaluates the definition and operational application of various settlement typologies across selected government departments for the purposes of the planning, implementation and monitoring of development programmes. Both quantitative and qualitative research methods are applied and informant and ...

  13. Guide to verification and validation of the SCALE-4 criticality safety software

    Energy Technology Data Exchange (ETDEWEB)

    Emmett, M.B.; Jordan, W.C.

    1996-12-01

    Whenever a decision is made to newly install the SCALE nuclear criticality safety software on a computer system, the user should run a set of verification and validation (V&V) test cases to demonstrate that the software is properly installed and functioning correctly. This report is intended to serve as a guide for this V&V in that it specifies test cases to run and gives expected results. The report describes the V&V that has been performed for the nuclear criticality safety software in a version of SCALE-4. The verification problems specified by the code developers have been run, and the results compare favorably with those in the SCALE 4.2 baseline. The results reported in this document are from the SCALE 4.2P version which was run on an IBM RS/6000 workstation. These results verify that the SCALE-4 nuclear criticality safety software has been correctly installed and is functioning properly. A validation has been performed for KENO V.a utilizing the CSAS25 criticality sequence and the SCALE 27-group cross-section library for ²³³U, ²³⁵U, and ²³⁹Pu fissile systems in a broad range of geometries and fissile fuel forms. The experimental models used for the validation were taken from three previous validations of KENO V.a. A statistical analysis of the calculated results was used to determine the average calculational bias and a subcritical k_eff criteria for each class of systems validated. Included in the statistical analysis is a means of estimating the margin of subcriticality in k_eff. This validation demonstrates that KENO V.a and the 27-group library may be used for nuclear criticality safety computations provided the system being analyzed falls within the range of the experiments used in the validation.

  14. Criticality safety evaluation of Rocky Flats Plant one-gallon shipping containers

    International Nuclear Information System (INIS)

    Briggs, J.B.

    1991-02-01

    Intraplant shipments of small quantities of plutonium and uranium at the Rocky Flats Plant (RFP) are made in one-gallon shipping containers. Criticality safety calculations have been performed to provide an analytical basis upon which handling, storage, and transportation limits on these containers are based. The calculations and results are documented in this report. This analysis was categorized as Quality Level A (according to the EG&G Idaho Quality Manual) in that it is a service whose failure could cause undue risks to employees or public health and safety. It is intended to comply with NQA-1. 7 refs., 7 figs., 12 tabs

  15. Criticality safety analysis of spent fuel storage for NPP Mochovce using MCNP5

    International Nuclear Information System (INIS)

    Farkas, G.; Hascik, J.; Lueley, J.; Vrban, B.; Petriska, M.; Slugen, V.; Urban, P.

    2011-01-01

    The paper presents results of nuclear criticality safety analysis of spent fuel storage for the first and second unit of NPP Mochovce. The spent fuel storage pool (compact and reserve grid) was modeled using the Monte Carlo code MCNP5. A conservative approach was applied, and calculation of k_eff values was performed for normal and various postulated emergency conditions in order to evaluate the final maximal k_eff values. The requirement of current safety regulations to ensure 5% subcriticality was met except in one especially conservative case. (Authors)

  16. Practitioners' Perspectives on Change Impact Analysis for Safety-Critical Software - A Preliminary Analysis

    OpenAIRE

    Borg, Markus; de la Vara, José-Luis; Wnuk, Krzysztof

    2016-01-01

    Safety standards prescribe change impact analysis (CIA) during evolution of safety-critical software systems. Although CIA is a fundamental activity, there is a lack of empirical studies about how it is performed in practice. We present a case study on CIA in the context of an evolving automation system, based on 14 interviews in Sweden and India. Our analysis suggests that engineers on average spend 50-100 hours on CIA per year, but the effort varies considerably with the phases of projects....

  17. Critical review of controlled release packaging to improve food safety and quality.

    Science.gov (United States)

    Chen, Xi; Chen, Mo; Xu, Chenyi; Yam, Kit L

    2018-03-19

    Controlled release packaging (CRP) is an innovative technology that uses the package to release active compounds in a controlled manner to improve safety and quality for a wide range of food products during storage. This paper provides a critical review of the uniqueness, design considerations, and research gaps of CRP, with a focus on the kinetics and mechanism of active compounds releasing from the package. Literature data and practical examples are presented to illustrate how CRP controls what active compounds to release, when and how to release, how much and how fast to release, in order to improve food safety and quality.

  18. Feasibility and safety of virtual-reality-based early neurocognitive stimulation in critically ill patients.

    Science.gov (United States)

    Turon, Marc; Fernandez-Gonzalo, Sol; Jodar, Mercè; Gomà, Gemma; Montanya, Jaume; Hernando, David; Bailón, Raquel; de Haro, Candelaria; Gomez-Simon, Victor; Lopez-Aguilar, Josefina; Magrans, Rudys; Martinez-Perez, Melcior; Oliva, Joan Carles; Blanch, Lluís

    2017-12-01

    Growing evidence suggests that critical illness often results in significant long-term neurocognitive impairments in one-third of survivors. Although these neurocognitive impairments are long-lasting and devastating for survivors, rehabilitation rarely occurs during or after critical illness. Our aim is to describe an early neurocognitive stimulation intervention based on virtual reality for patients who are critically ill and to present the results of a proof-of-concept study testing the feasibility, safety, and suitability of this intervention. Twenty critically ill adult patients undergoing or having undergone mechanical ventilation for ≥24 h received daily 20-min neurocognitive stimulation sessions when awake and alert during their ICU stay. The difficulty of the exercises included in the sessions progressively increased over successive sessions. Physiological data were recorded before, during, and after each session. Safety was assessed through heart rate, peripheral oxygen saturation, and respiratory rate. Heart rate variability analysis, an indirect measure of autonomic activity sensitive to cognitive demands, was used to assess the efficacy of the exercises in stimulating attention and working memory. Patients successfully completed the sessions on most days. No sessions were stopped early for safety concerns, and no adverse events occurred. Heart rate variability analysis showed that the exercises stimulated attention and working memory. Critically ill patients considered the sessions enjoyable and relaxing without being overly fatiguing. The results in this proof-of-concept study suggest that a virtual-reality-based neurocognitive intervention is feasible, safe, and tolerable, stimulating cognitive functions and satisfying critically ill patients. Future studies will evaluate the impact of interventions on neurocognitive outcomes. Trial registration ClinicalTrials.gov identifier: NCT02078206.

  19. KAERI software verification and validation guideline for developing safety-critical software in digital I and C system of NPP

    International Nuclear Information System (INIS)

    Kim, Jang Yeol; Lee, Jang Soo; Eom, Heung Seop.

    1997-07-01

    This technical report is to present V and V guideline development methodology for safety-critical software in NPP safety system. Therefore it is to present V and V guideline of planning phase for the NPP safety system in addition to critical safety items, for example, independence philosophy, software safety analysis concept, commercial off the shelf (COTS) software evaluation criteria, inter-relationships between other safety assurance organizations, including the concepts of existing industrial standard, IEEE Std-1012, IEEE Std-1059. This technical report includes scope of V and V guideline, guideline framework as part of acceptance criteria, V and V activities and task entrance as part of V and V activity and exit criteria, review and audit, testing and QA records of V and V material and configuration management, software verification and validation plan production etc., and safety-critical software V and V methodology. (author). 11 refs

  20. Validation of KENO V.a for criticality safety calculations of low-enriched uranium-235 systems

    International Nuclear Information System (INIS)

    McCamis, R.H.

    1991-02-01

    The criticality safety analysis program KENO V.a, together with a 27-energy-group ENDF/B-IV criticality safety cross-section library, has been validated by comparison of calculations with the experimental results from critical benchmarks dealing with low-enriched (≤ 5 wt%) ²³⁵U systems, obtained both from the literature and from recent AECL Research experiments with the SLOWPOKE Demonstration Reactor. The combination of the code and this data library is shown to be very suitable for criticality safety analyses of low-enriched ²³⁵U systems, with mean values of the calculated reactivities being within 1% of the experimental values. (6 figs., 3 tabs., 37 refs.)

  1. Criticality safety of transuranic storage arrays at the Waste Isolation Pilot Plant

    International Nuclear Information System (INIS)

    Boyd, W.A.; Fecteau, M.W.

    1993-01-01

    The Waste Isolation Pilot Plant (WIPP) facility is designed to store transuranic waste that will consist mainly of surface-contaminated articles and sludge. The fissile material in the waste is predominantly ²³⁹Pu. The waste is grouped into two categories: contact-handled waste, which will be stored in 55-gal steel drums or in steel boxes, and remote-handled waste, which will be stored in specially designed cylindrical steel canisters. To show that criticality safety will be acceptable, criticality analyses were performed to demonstrate that a large number of containers with limiting loadings of fissile material could be stored at the site and meet a k_eff limit of 0.95. Criticality analyses based on the classic worst-case moderated plutonium sphere approach would severely limit the capacity for storage of waste at the facility. Therefore, these analyses use realistic or credible worst-case assumptions to better represent the actual storage situation without compromising the margin of safety. Numerous sensitivity studies were performed to determine the importance of various parameters on the criticality of the configuration. It was determined that the plutonium loading has the dominant effect on the system reactivity. Nearly all other reactivity variations from the sensitivity studies were found to be relatively small. The analysis shows that criticality of the contact-handled waste storage drums and boxes and the remote-handled canisters is prevented by restrictions on maximum fissile loading per container and on the size of handling/storage areas

  2. Critical Incident Stress Management (CISM) in complex systems: cultural adaptation and safety impacts in healthcare.

    Science.gov (United States)

    Müller-Leonhardt, Alice; Mitchell, Shannon G; Vogt, Joachim; Schürmann, Tim

    2014-07-01

    In complex systems, such as hospitals or air traffic control operations, critical incidents (CIs) are unavoidable. These incidents can not only become critical for victims but also for professionals working at the "sharp end" who may have to deal with critical incident stress (CIS) reactions that may be severe and impede emotional, physical, cognitive and social functioning. These CIS reactions may occur not only under exceptional conditions but also during every-day work and become an important safety issue. In contrast to air traffic management (ATM) operations in Europe, which have readily adopted critical incident stress management (CISM), most hospitals have not yet implemented comprehensive peer support programs. This survey was conducted in 2010 at the only European general hospital setting which implemented CISM program since 2004. The aim of the article is to describe possible contribution of CISM in hospital settings framed from the perspective of organizational safety and individual health for healthcare professionals. Findings affirm that daily work related incidents also can become critical for healthcare professionals. Program efficiency appears to be influenced by the professional culture, as well as organizational structure and policies. Overall, findings demonstrate that the adaptation of the CISM program in general hospitals takes time but, once established, it may serve as a mechanism for changing professional culture, thereby permitting the framing of even small incidents or near misses as an opportunity to provide valuable feedback to the system. Copyright © 2014 Elsevier Ltd. All rights reserved.

  3. Effect of mixing state on criticality safety evaluation in MOX powder and additive

    International Nuclear Information System (INIS)

    Yamamoto, Toshihiro; Miyoshi, Yoshinori

    2005-01-01

    Criticality safety analyses are discussed in which MOX powder and additive (e.g. zinc-stearate) are mixed in a powder treatment process of MOX fuel fabrication. The multiplication factor k_eff is largely affected by how they are mixed, i.e., how the density and volume change with the mixing. In general, k_eff increases when MOX powder is mixed with zinc-stearate. However, plutonium content and density of MOX powder make a difference in the k_eff's changes. Especially, MOX powder with a higher plutonium content and a higher density is not always unsafe in terms of criticality if it is mixed with zinc-stearate. (author)

  4. The application of new mathematical structures to safety analysis

    International Nuclear Information System (INIS)

    Cooper, J.A.; Ross, T.J.

    1997-10-01

    Probabilistic safety analyses (PSAs) often depend on significant subjectivity. The recent successes of fuzzy logic and fuzzy and hybrid mathematics in portraying subjectivity are a reminder that a selection made from the most applicable mathematical tools is more important than forced adaptation of conventional tools. In this paper, the authors consider new approaches that enhance conventional and fuzzy PSA by improved handling of subjectivity. The most significant of the mathematical structures we have investigated (from a standpoint of safety analysis applications) will be described, and the general types of applications will be outlined

  5. Dust Combustion Safety Issues for Fusion Applications

    Energy Technology Data Exchange (ETDEWEB)

    L. C. Cadwallader

    2003-05-01

    This report summarizes the results of a safety research task to identify the safety issues and phenomenology of metallic dust fires and explosions that are postulated for fusion experiments. There are a variety of metal dusts that are created by plasma erosion and disruptions within the plasma chamber, as well as normal industrial dusts generated in the more conventional equipment in the balance of plant. For fusion, in-vessel dusts are generally mixtures of several elements; that is, the constituent elements in alloys and the variety of elements used for in-vessel materials. For example, in-vessel dust could be composed of beryllium from a first wall coating, tungsten from a divertor plate, copper from a plasma heating antenna or diagnostic, and perhaps some iron and chromium from the steel vessel wall or titanium and vanadium from the vessel wall. Each of these elements has its own unique combustion characteristics, and mixtures of elements must be evaluated for the mixture’s combustion properties. Issues of particle size, dust temperature, and presence of other combustible materials (i.e., deuterium and tritium) also affect combustion in air. Combustion in other gases has also been investigated to determine if there are safety concerns with “inert” atmospheres, such as nitrogen. Several coolants have also been reviewed to determine if coolant breach into the plasma chamber would enhance the combustion threat; for example, in-vessel steam from a water coolant breach will react with metal dust. The results of this review are presented here.

  6. Safety of Transmission in Railway Applications

    Directory of Open Access Journals (Sweden)

    Maria Franekova

    2003-01-01

    The paper deals with the problems of data security in safety-related transmission systems defined within the railway process. It focuses on a summary of threats and the security tools against them within closed and open security systems. The possibility of using channel coding techniques and cryptography mechanisms, which are defined according to norms EN 50159, is analysed in detail. For the chosen security mechanisms, the paper deals with the mathematical apparatus for determining the probability of undetected error for channel decoders, relations for determining the decipher encoder's complexity, and the error probability of a cryptography code word.

  7. Trustworthy Variant Derivation with Translation Validation for Safety Critical Product Lines

    DEFF Research Database (Denmark)

    Iosif-Lazăr, Alexandru Florin; Wasowski, Andrzej

    2016-01-01

    Software product line (SPL) engineering facilitates development of entire families of software products with systematic reuse. Model driven SPLs use models in the design and development process. In the safety critical domain, validation of models and testing of code increases the quality of the products altogether. However, to maintain this trustworthiness it is necessary to know that the SPL tools, which manipulate models and code to derive concrete product variants, do not introduce errors in the process. We propose a general technique of checking correctness of product derivation tools through...

  8. Model-based schedulability analysis of safety critical hard real-time Java programs

    DEFF Research Database (Denmark)

    Bøgholm, Thomas; Kragh-Hansen, Henrik; Olsen, Petur

    2008-01-01

    In this paper, we present a novel approach to schedulability analysis of Safety Critical Hard Real-Time Java programs. The approach is based on a translation of programs, written in the Safety Critical Java profile introduced in [21] for the Java Optimized Processor [18], to timed automata models...... verifiable by the Uppaal model checker [23]. Schedulability analysis is reduced to a simple reachability question, checking for deadlock freedom. Model-based schedulability analysis has been developed by Amnell et al. [2], but has so far only been applied to high level specifications, not actual...... implementations in a programming language. Experiments show that model-based schedulability analysis can result in a more accurate analysis than possible with traditional approaches, thus systems deemed non-schedulable by traditional approaches may in fact be schedulable, as detected by our analysis. Our approach...

  9. Prevention of criticality accidents

    International Nuclear Information System (INIS)

    Canavese, S.I.

    1982-01-01

    These notes used in the postgraduate course on Radiological Protection and Nuclear Safety discuss macro- and microscopic nuclear constants for fissile materials systems. Critical systems: their definition; criteria to analyze the critical state; determination of the critical size; analysis of practical problems about prevention of criticality. Safety of isolated units and of sets of units. Application of standards. Conception of facilities from the criticality control view point. (author) [es

  10. Reliability evaluation of the power supply of an electrical power net for safety-relevant applications

    International Nuclear Information System (INIS)

    Dominguez-Garcia, Alejandro D.; Kassakian, John G.; Schindall, Joel E.

    2006-01-01

    In this paper, we introduce a methodology for the dependability analysis of new automotive safety-relevant systems. With the introduction of safety-relevant electronic systems in cars, it is necessary to carry out a thorough dependability analysis of those systems to fully understand and quantify the failure mechanisms in order to improve the design. Several system level FMEAs are used to identify the different failure modes of the system, and a Markov model is constructed to quantify their probability of occurrence. A new power net architecture with application to new safety-relevant automotive systems, such as Steer-by-Wire or Brake-by-Wire, is used as a case study. For these safety-relevant loads, loss of electric power supply means loss of control of the vehicle. It is, therefore, necessary and critical to develop a highly dependable power net to ensure power to these loads under all circumstances

  11. Critical spaces for quasilinear parabolic evolution equations and applications

    Science.gov (United States)

    Prüss, Jan; Simonett, Gieri; Wilke, Mathias

    2018-02-01

    We present a comprehensive theory of critical spaces for the broad class of quasilinear parabolic evolution equations. The approach is based on maximal Lp-regularity in time-weighted function spaces. It is shown that our notion of critical spaces coincides with the concept of scaling invariant spaces in case that the underlying partial differential equation enjoys a scaling invariance. Applications to the vorticity equations for the Navier-Stokes problem, convection-diffusion equations, the Nernst-Planck-Poisson equations in electro-chemistry, chemotaxis equations, the MHD equations, and some other well-known parabolic equations are given.

  12. V and V based Fault Estimation Method for Safety-Critical Software using BNs

    International Nuclear Information System (INIS)

    Eom, Heung Seop; Park, Gee Yong; Jang, Seung Cheol; Kang, Hyun Gook

    2011-01-01

    Quantitative software reliability measurement approaches have severe limitations in demonstrating the proper level of reliability for safety-critical software. These limitations can be overcome by using some other means of assessment. One of the promising candidates is based on the quality of the software development. Particularly in the nuclear industry, regulatory bodies in most countries do not accept the concept of quantitative goals as a sole means of meeting their regulations for the reliability of digital computers in NPPs, and use deterministic criteria for both hardware and software. The point of deterministic criteria is to assess the whole development process and its related activities during the software development life cycle for the acceptance of safety-critical software, and software V and V plays an important role in this process. In this light, we studied a V and V based fault estimation method using Bayesian Nets (BNs) to assess the reliability of safety-critical software, especially reactor protection system software in a NPP. The BNs in the study were made for an estimation of software faults and were based on the V and V frame, which governs the development of safety-critical software in the nuclear field. A case study was carried out for a reactor protection system that was developed as a part of the Korea Nuclear Instrumentation and Control System. The insight from the case study is that some important factors affecting the fault number of the target software include the residual faults in the system specification, maximum number of faults introduced in the development phase, ratio between process/function characteristic, uncertainty sizing, and fault elimination rate by inspection activities

  13. Safety-critical Java with cyclic executives on chip-multiprocessors

    DEFF Research Database (Denmark)

    Ravn, Anders P.; Schoeberl, Martin

    2012-01-01

    Chip-multiprocessors offer increased processing power at a low cost. However, in order to use them for real-time systems, tasks have to be scheduled efficiently and predictably. It is well known that finding optimal schedules is a computationally hard problem. In this paper we present a solution ...... for multiprocessors, we have implemented it in the context of safety-critical Java on a Java processor....

  14. Criticality safety evaluation of Rocky Flats Plant one-gallon shipping containers

    International Nuclear Information System (INIS)

    Shaw, M.E.

    1991-12-01

    Criticality safety calculations have been performed to provide an analytical basis for handling, storage and transport of Rocky Flats Plant (RFP) one-gallon shipping containers. A mass limit was established for metal (solid uranium or plutonium) and slurries (undissolved U or Pu solids in a "mud," "sludge," or "slurry"). A separate volume limit was developed for plutonium solutions (liquids, either aqueous or organic, containing no visible undissolved solids)

  15. Nuclear criticality safety program at the University of Tennessee-Knoxville

    Energy Technology Data Exchange (ETDEWEB)

    Basoglu, B.; Bentley, C.; Brewer, R.; Dunn, M.; Haught, C.; Plaster, M.; Wilkinson, A.; Dodds, H. (Univ. of Tennessee, Knoxville, TN (United States)); Elliott, E.; Waddell, W. (Martin Marietta Energy Systems Inc., Oak Ridge, TN (United States))

    1993-01-01

    This paper presents an overview of the nuclear criticality safety (NCS) educational program at the University of Tennessee-Knoxville. The program is an academic specialization for nuclear engineering graduate students pursuing either the MS or PhD degree and includes special NCS courses and NCS research projects. Both the courses and the research projects serve as partial fulfillment of the requirements for the degree being pursued.

  16. Investigation of burnup credit allowance in the criticality safety evaluation of spent fuel casks

    Energy Technology Data Exchange (ETDEWEB)

    Lake, W.H. (USDOE, Washington, DC (USA)); Sanders, T.L. (Sandia National Labs., Albuquerque, NM (USA)); Parks, C.V. (Oak Ridge National Lab., TN (USA))

    1990-01-01

    This presentation discusses work in progress on criticality analysis verification for designs which take account of the burnup and age of transported fuel. The work includes verification of cross section data, correlation with experiments, proper extension of the methods into regimes not covered by experiments, establishing adequate reactivity margins, and complete documentation of the project. Recommendations for safe operational procedures are included, as well as a discussion of the economic and safety benefits of such designs.

  17. Criticality safety evaluation of Rocky Flats Plant one-gallon shipping containers

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, M.E.

    1991-12-01

    Criticality safety calculations have been performed to provide an analytical basis for handling, storage and transport of Rocky Flats Plant (RFP) one-gallon shipping containers. A mass limit was established for metal (solid uranium or plutonium) and slurries (undissolved U or Pu solids in a "mud," "sludge," or "slurry"). A separate volume limit was developed for plutonium solutions (liquids, either aqueous or organic, containing no visible undissolved solids).

  18. Criticality safety evaluation of Rocky Flats Plant one-gallon shipping containers

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, M.E.

    1991-12-01

    Criticality safety calculations have been performed to provide an analytical basis for handling, storage and transport of Rocky Flats Plant (RFP) one-gallon shipping containers. A mass limit was established for metal (solid uranium or plutonium) and slurries (undissolved U or Pu solids in a "mud," "sludge," or "slurry"). A separate volume limit was developed for plutonium solutions (liquids, either aqueous or organic, containing no visible undissolved solids).

  19. Investigation of burnup credit allowance in the criticality safety evaluation of spent fuel casks

    International Nuclear Information System (INIS)

    Lake, W.H.; Sanders, T.L.; Parks, C.V.

    1990-01-01

    This presentation discusses work in progress on criticality analysis verification for designs which take account of the burnup and age of transported fuel. The work includes verification of cross section data, correlation with experiments, proper extension of the methods into regimes not covered by experiments, establishing adequate reactivity margins, and complete documentation of the project. Recommendations for safe operational procedures are included, as well as a discussion of the economic and safety benefits of such designs

  20. Improvement critical care patient safety: using nursing staff development strategies, at Saudi Arabia.

    Science.gov (United States)

    Basuni, Enas M; Bayoumi, Magda M

    2015-01-13

    Intensive care units (ICUs) provide lifesaving care for the critically ill patients and are associated with significant risks. Moreover complexity of care within ICUs requires that the health care professionals exhibit a trans-disciplinary level of competency to improve patient safety. This study aimed at using staff development strategies through implementing patient safety educational program that may minimize the medical errors and improve patient outcome in hospital. The study was carried out using a quasi experimental design. The settings included the intensive care units at General Mohail Hospital and National Mohail Hospital, King Khalid University, Saudi Arabia. The study was conducted from March to June 2012. A convenience sample of all prevalent nurses at three shifts in the aforementioned settings during the study period was recruited. The program was implemented on 50 staff nurses in different ICUs. Their age ranged between 25-40 years. Statistically significant relation was revealed between safety climate and job satisfaction among nurses in the study sample (p=0.001). The years of experiences in ICU ranged between one year 11 (16.4) to 10 years 20 (29.8), most of them (68%) were working in variable shift, while 32% were day shift only. Improvements were observed in safety climate, teamwork climate, and nurse turnover rates on ICUs after implementing a safety program. On the heels of this improvement; nurses' total knowledge, skills and attitude were enhanced regarding patient safety dimensions. Continuous educational program for ICUs nursing staff through organized in-service training is needed to increase their knowledge and skills about the importance of improving patient safety measure. Emphasizing on effective collaborative system also will improve patient safety measures in ICUS.

  1. Safety concerns to application of graphene compounds in pharmacy and medicine.

    Science.gov (United States)

    Mogharabi, Mehdi; Abdollahi, Mohammad; Faramarzi, Mohammad Ali

    2014-01-22

    Graphene, the new allotrope of carbon, is a single layer of monocrystalline graphite with sp2 hybridized carbon atoms. This compound has received worldwide attention due to its extraordinary physical and chemical properties. Due to the widespread application of graphenes, concerns are rising about its environmental safety or the safety protocols for handling and waste of graphene-based materials. The generation of reactive free radicals, adsorption of important biomolecules, and physical toxicity of graphene also matter. Hereby we criticize the concerns on the toxicity of graphenes to provide some perspective on the potential hazards of future development in graphene-based biomaterials.

  2. Formal model-based development for safety-critical embedded software

    International Nuclear Information System (INIS)

    Kim, Jin Hyun; Choi, Jin Young

    2005-01-01

    Safety-critical embedded software for nuclear I and C system is developed under the safety and reliability regulation. Programmable logic controller (PLC) is a computer system for instrumentation and control (I and C) system of nuclear power plants. PLC consists of various I and C logics in software, including real-time operating system (RTOS). Hence, errors related with RTOS should be detected and eliminated in development processes. Practically, the verification and validation for errors in RTOS is performed in test procedure, in which a lot of tasks for testing are embedded in RTOS and are running under a test environment. But the test process can not be enough to guarantee the safety and reliability of RTOS. Therefore, in this paper, we introduce applying formal methods to the development of software for the PLC. We particularly apply formal methods to a development of RTOS for PLC, which is a safety critical level. In this development, we use the state charts of I-Logix to specify and verification and model checking to verify the specification

  3. Formal verification and validation of the safety-critical software in a digital reactor protection system

    International Nuclear Information System (INIS)

    Kwon, K. C.; Park, G. Y.

    2006-01-01

    This paper describes the Verification and Validation (V and V) activities for the safety-critical software in a Digital Reactor Protection System (DRPS) that is being developed through the Korea nuclear instrumentation and control system project. The main activities of the DRPS V and V process are a preparation of the software planning documentation, a verification of the software according to the software life cycle, a software safety analysis and a software configuration management. The verification works for the Software Requirement Specification (SRS) of the DRPS consist of a technical evaluation, a licensing suitability evaluation, an inspection and traceability analysis, a formal verification, and preparing a test plan and procedure. Especially, the SRS is specified by the formal specification method in the development phase, and the formal SRS is verified by a formal verification method. Through these activities, we believe we can achieve the functionality, performance, reliability, and safety that are the major V and V objectives of the nuclear safety-critical software in a DRPS. (authors)

  4. How often do surgeons obtain the critical view of safety during laparoscopic cholecystectomy?

    Science.gov (United States)

    Stefanidis, Dimitrios; Chintalapudi, Nikita; Anderson-Montoya, Brittany; Oommen, Bindhu; Tobben, Daniel; Pimentel, Manuel

    2017-01-01

    The reported incidence (0.16-1.5 %) of bile duct injury (BDI) during laparoscopic cholecystectomy (LC) is higher than during open cholecystectomy and has not decreased over time despite increasing experience with the procedure. The "critical view of safety" (CVS) technique may help to prevent BDI when certain criteria are met prior to division of any structures. This study aimed to evaluate the adherence of practicing surgeons to the CVS criteria during LC and the impact of a training intervention on CVS identification. LC procedures of general surgeons were video-recorded. De-identified recordings were reviewed by a blinded observer and rated on a 6-point scale using the previously published CVS criteria. A coaching program was conducted, and participating surgeons were re-assessed in the same manner. The observer assessed ten LC videos, each involving a different surgeon. The CVS was adequately achieved by two surgeons (20 %). The remaining eight surgeons (80 %) did not obtain adequate CVS prior to division of any structures, despite two surgeons dictating that they did; the mean score of this group was 1.75. After training, five participating surgeons (50 %) scored > 4, and the mean increased from 1.75 (baseline) to 3.75 (p < 0.05). The CVS criteria were not routinely used by the majority of participating surgeons. Further, one-fourth of those who claimed to obtain the CVS did so inadequately. All surgeons who participated in training showed improvement during their post-assessment. Our findings suggest that education of practicing surgeons in the application of the CVS during LC can result in increased implementation and quality of the CVS. Pending studies with larger samples, our findings may partly explain the sustained BDI incidence despite increased experience with LC. Our study also supports the value of direct observation of surgical practices and subsequent training for quality improvement.

  5. Criticality safety strategy for the Fuel Cycle Facility electrorefiner at Argonne National Laboratory, West

    International Nuclear Information System (INIS)

    Mariani, R.D.; Benedict, R.W.; Lell, R.M.; Turski, R.B.; Fujita, E.K.

    1993-01-01

    The Integral Fast Reactor being developed by Argonne National Laboratory (ANL) combines the advantages of metal-fueled, liquid-metal-cooled reactors and a closed fuel cycle. Presently, the Fuel Cycle Facility (FCF) at ANL-West in Idaho Falls, Idaho is being modified to recycle spent metallic fuel from Experimental Breeder Reactor II as part of a demonstration project sponsored by the Department of Energy. A key component of the FCF is the electrorefiner (ER) in which the actinides are separated from the fission products. In the electrorefining process, the metal fuel is anodically dissolved into a high-temperature molten salt and refined uranium or uranium/plutonium products are deposited at cathodes. In this report, the criticality safety strategy for the FCF ER is summarized. FCF ER operations and processes formed the basis for evaluating criticality safety and control during actinide metal fuel refining. In order to show criticality safety for the FCF ER, the reference operating conditions for the ER had to be defined. Normal operating envelopes (NOEs) were then defined to bracket the important operating conditions. To keep the operating conditions within their NOEs, process controls were identified that can be used to regulate the actinide forms and content within the ER. A series of operational checks were developed for each operation that will verify the extent or success of an operation. The criticality analysis considered the ER operating conditions at their NOE values as the point of departure for credible and incredible failure modes. As a result of the analysis, FCF ER operations were found to be safe with respect to criticality

  6. Emerging research methods and their application to road safety.

    Science.gov (United States)

    Tarko, Andrew; Boyle, Linda Ng; Montella, Alfonso

    2013-12-01

    The study of road safety has seen great strides over the past few decades with advances in analytical methods and research tools that allow researchers to provide insights into the complex interactions of the driver, vehicle, and roadway. Data collection methods range from traditional traffic and roadway sensors to instrumented vehicles and driving simulators, capable of providing detailed data on both the normal driving conditions and the circumstances surrounding a safety critical event. In September 2011, the Third International Conference on Road Safety and Simulation was held in Indianapolis, Indiana, USA, which was hosted by the Purdue University Center for Road Safety and sponsored by the Transportation Research Board and its three committees: ANB20 Safety Data, Analysis and Evaluation, AND30 Simulation and Measurement of Vehicle and Operator Performance, and ABJ95 Visualization in Transportation. The conference brought together two hundred researchers from all over the world demonstrating some of the latest research methods to quantify crash causality and associations, and model road safety. This special issue is a collection of 14 papers that were presented at the conference and then peer-reviewed through this journal. These papers showcase the types of analytical tools needed to examine various crash types, the use of naturalistic and on-road data to validate the use of surrogate measures of safety, and the value of driving simulators to examine high-risk situations. Copyright © 2013 Elsevier Ltd. All rights reserved.

  7. The Safety Assessment Framework Tool (SAFRAN) - Description, Overview and Applicability

    International Nuclear Information System (INIS)

    Alujevic, Luka

    2014-01-01

    The SAFRAN tool (Safety Assessment Framework) is a user-friendly software application that incorporates the methodologies developed in the SADRWMS (Safety Assessment Driven Radioactive Waste Management Solutions) project. The International Atomic Energy Agency (IAEA) organized the International Project on Safety Assessment Driving Radioactive Waste Management Solutions (SADRWMS) to examine international approaches to safety assessment for predisposal management of all types of radioactive waste, including disused sources, small volumes, legacy and decommissioning waste, operational waste, and large volume naturally occurring radioactive material residues. SAFRAN provides aid in: Describing the predisposal RW management activities in a systematic way, Conducting the SA (safety assessment) with clear documentation of the methodology, assumptions, input data and models, Establishing a traceable and transparent record of the safety basis for decisions on the proposed RW management solutions, Demonstrating clear consideration of and compliance with national and international safety standards and recommendations. The SAFRAN tool allows the user to visibly, systematically and logically address predisposal radioactive waste management and decommissioning challenges in a structured way. It also records the decisions taken in such a way that it constitutes a justifiable safety assessment of the proposed management solutions. The objective of this paper is to describe the SAFRAN architecture and features, properly define the terms safety case and safety assessment, and to predict the future development of the SAFRAN tool and assess its applicability to the construction of a future LILW (Low and Intermediate Level Waste) storage facility and repository in Croatia, taking into account all the capabilities and modelling features of the SAFRAN tool. (author)

  8. Safety Psychology Applicating on Coal Mine Safety Management Based on Information System

    Science.gov (United States)

    Hou, Baoyue; Chen, Fei

    In recent years, with the increase of intensity of coal mining, a great number of major accidents happen frequently, the reason mostly due to human factors, but humans' unsafe behavior is affected by insecurity mental control. In order to reduce accidents, and to improve safety management, with the help of application security psychology, we analyse the cause of insecurity psychological factors from human perception, from personality development, from motivation incentive, from reward and punishment mechanism, and from security aspects of mental training, and put forward countermeasures to promote coal mine safety production, and to provide information for coal mining to improve the level of safety management.

  9. Safety Case Patterns: Theory and Applications

    Science.gov (United States)

    Denney, Ewen W.; Pai, Ganesh J.

    2015-01-01

    We develop the foundations for a theory of patterns of safety case argument structures, clarifying the concepts involved in pattern specification, including choices, labeling, and well-founded recursion. We specify six new patterns in addition to those existing in the literature. We give a generic way to specify the data required to instantiate patterns and a generic algorithm for their instantiation. This generalizes earlier work on generating argument fragments from requirements tables. We describe an implementation of these concepts in AdvoCATE, the Assurance Case Automation Toolset, showing how patterns are defined and can be instantiated. In particular, we describe how our extended notion of patterns can be specified, how they can be instantiated in an interactive manner, and, finally, how they can be automatically instantiated using our algorithm.

  10. Parametric Analysis of PWR Spent Fuel Depletion Parameters for Long-Term-Disposal Criticality Safety

    International Nuclear Information System (INIS)

    DeHart, M.D.

    1999-01-01

    Utilization of burnup credit in criticality safety analysis for long-term disposal of spent nuclear fuel allows improved design efficiency and reduced cost due to the large mass of fissile material that will be present in the repository. Burnup-credit calculations are based on depletion calculations that provide a conservative estimate of spent fuel contents (in terms of criticality potential), followed by criticality calculations to assess the value of the effective neutron multiplication factor (k_eff) for a spent fuel cask or a fuel configuration under a variety of probabilistically derived events. In order to ensure that the depletion calculation is conservative, it is necessary to both qualify and quantify assumptions that can be made in depletion models

  11. Criticality safety evaluation report for 300 Area N Reactor fuel fabrication and storage facility

    International Nuclear Information System (INIS)

    Schwinkendorf, K.N.

    1993-12-01

    Criticality safety support calculations for the 300 Area Fuels Manufacturing Facility have been performed to update values currently found in the criticality prevention specifications. The old safe masses and associated dimensions table has been updated with new values, which were produced using more modern computer codes that comply with Software Quality Assurance (SQA) requirements. Monte Carlo calculations, using MCNP (Carter 1991), were performed to spot check these results, obtained using the WIMS-E code (Gubbins et al. 1982). In addition, the criticality considerations associated with certain accident, or upset, conditions were analyzed. These scenarios include fire, the bringing together of multiple safe masses into one neutronically coupled system, misstacking, and accidental interspersed moderation

  12. Criticality safety study of the MSRE Fuel Drain Tank Cell in Building 7503

    Energy Technology Data Exchange (ETDEWEB)

    Hollenbach, D.F.; Hopper, C.M.

    1994-01-01

    This report provides a criticality safety study of the molten salt reactor fuel currently being stored in the Fuel Drain Tank (FDT) Cell of the Molten Salt Reactor Experiment (MSRE) facility (Building 7503) located in the Melton Valley area of the Oak Ridge National Laboratory. The FDTs contain approximately 36 kg of uranium consisting primarily of ²³³U, some plutonium, and fission products in a solidified fluoride salt mixture. The nominal composition of the fluoride salt mixture in the FDTs is 42.16 wt % LiF, 35.79 wt % BeF₂, 21.01 wt % ZrF₄, 1.02 wt % UF₄, and 0.02 wt % PuF₃. The historic criticality safety study does not meet current standards. This work is in support of a new nuclear criticality safety analysis and approval update. Questions concerning the degree of subcriticality associated with the material in its current state and in its most reactive credible upset condition are addressed. The safety study consists of two parts. In the first part, the FDT Cell was modeled using KENO V.a and analyzed using a variety of cross-section sets. The base FDT Cell model was then modified to represent the most reactive credible upset conditions and analyzed. The second part consists of establishing a benchmark for the FDT Cell. Because of the lack of any other relevant benchmark experiments, the original MSRE was also modeled in KENO V.a and analyzed. The results of the reactor model were then compared with documented MSRE reactor conditions. The analysis shows that even under the most reactive credible upset conditions, the MSRE FDT Cell is significantly subcritical.

  13. The International Criticality Safety Benchmark Evaluation Project (ICSBEP) and The International Reactor Physics Experiment Evaluation Project (IRPhEP)

    Energy Technology Data Exchange (ETDEWEB)

    Briggs, J.B.; Bess, J. [Idaho National Laboratory (INL), Idaho Falls, ID (United States)]; Gulliford, J. [Organization for Economic Cooperation and Development (OECD), Nuclear Energy Agency, Paris (France)]

    2011-07-01

    The International Reactor Physics Experiment Evaluation Project (IRPhEP) and the International Criticality Safety Benchmark Evaluation Project (ICSBEP) are sources of evaluated integral benchmark data that may be used for validation of reactor physics / nuclear criticality safety analytical methods and data, nuclear data testing, and safety analysis licensing activities. The IRPhEP is patterned after its predecessor, the ICSBEP, but focuses on other integral measurements such as buckling, spectral characteristics, reactivity effects, reactivity coefficients, kinetics measurements, reaction-rate and power distributions, nuclide compositions and other miscellaneous types of measurements in addition to the critical configuration. Both projects will be discussed.

  14. Criticality safety and shielding design issues in the development of a high-capacity cask for truck transport

    International Nuclear Information System (INIS)

    Boshoven, J.K.

    1992-01-01

    General Atomics (GA) will be submitting an application for certification to the US Nuclear Regulatory Commission (NRC) for the GA-4 and GA-9 Casks in 1992. The GA-4 and GA-9 Casks are high-capacity legal weight truck casks designed to transport light water reactor spent fuel assemblies. To maintain a capacity of four pressurized-water-reactor (PWR) spent fuel assemblies, the GA-4 Cask uses burnup credit as part of the criticality control for initial enrichments over 3.0 wt% U-235. Using the US Department of Energy (DOE) Burnup Credit Program as a basis, GA has performed burnup credit analysis which is included in the Safety Analysis Report for Packaging (SARP). The GA-9 Cask can meet the criticality safety requirements using the "fresh fuel" assumption. Our approach to shielding design is to optimize the GA-4 and GA-9 Cask shielding configurations for minimum weights and maximum payloads. This optimization involves the use of the most effective shielding material, square cross-section geometry with rounded corners and tapered neutron shielding sections in the non-fuel regions

  15. Consequences of Fuel Failure on Criticality Safety of Used Nuclear Fuel

    International Nuclear Information System (INIS)

    Marshall, William J.; Wagner, John C.

    2012-09-01

    This report documents work performed for the Department of Energy's Office of Nuclear Energy (DOENE) Fuel Cycle Technologies Used Fuel Disposition Campaign to assess the impact of fuel reconfiguration due to fuel failure on the criticality safety of used nuclear fuel (UNF) in storage and transportation casks. This work was motivated by concerns related to the potential for fuel degradation during extended storage (ES) periods and transportation following ES, but has relevance to other potential causes of fuel reconfiguration. Commercial UNF in the United States is expected to remain in storage for longer periods than originally intended. Extended storage time and irradiation of nuclear fuel to high-burnup values (>45 GWd/t) may increase the potential for fuel failure during normal and accident conditions involving storage and transportation. Fuel failure, depending on the severity, can result in changes to the geometric configuration of the fuel, which has safety and regulatory implications for virtually all aspects of a UNF storage and transport system's performance. The potential impact of fuel reconfiguration on the safety of UNF in storage and transportation is dependent on the likelihood and extent of the fuel reconfiguration, which is not well understood and is currently an active area of research. The objective of this work is to assess and quantify the impact of postulated failed fuel configurations on the criticality safety of UNF in storage and transportation casks. Although this work is motivated by the potential for fuel degradation during ES periods and transportation following ES, it has relevance to fuel reconfiguration due to the effects of high burnup. Regardless of the ultimate disposition path, UNF will need to be transported at some point in the future. To investigate and quantify the impact of fuel reconfiguration on criticality safety limits, which are given in terms of the effective neutron multiplication factor, a set of failed fuel

  16. SKB's safety case for a final repository license application

    International Nuclear Information System (INIS)

    Hedin, Allan; Andersson, Johan

    2014-01-01

    The safety assessment SR-Site is a main component in SKB's license application, submitted in March 2011, to construct and operate a final repository for spent nuclear fuel at Forsmark in the municipality of Oesthammar, Sweden. Its role in the application is to demonstrate long-term safety for a repository at Forsmark. The assessment relates to the KBS-3 disposal concept in which copper canisters with a cast iron insert containing spent nuclear fuel are surrounded by bentonite clay and deposited at approximately 500 m depth in saturated, granitic rock. The principal regulatory acceptance criterion, issued by the Swedish Radiation Safety Authority (SSM), requires that the annual risk of harmful effects after closure not exceed 10⁻⁶ for a representative individual in the group exposed to the greatest risk. SSM's regulations also imply that the assessment time for a repository of this type is one million years after closure. The licence applied for is one in a stepwise series of permits, each requiring a safety report. The next step concerns a permit to start excavation of the repository and requires a preliminary safety assessment report (PSAR) covering both operational and post-closure safety. Later steps include permission to commence trial operation, to commence regular operation and to close the final repository. (authors)

  17. Finite test sets development method for test execution of safety critical software

    International Nuclear Information System (INIS)

    Shin, Sung Min; Kim, Hee Eun; Kang, Hyun Gook; Lee, Sung Jiun

    2014-01-01

    The V and V method has been utilized for this safety critical software, while SRGM has difficulties because of lack of failure occurrence data on developing phase. For the safety critical software, however, failure data cannot be gathered after installation in real plant when we consider the severe consequence. Therefore, to complement the V and V method, the test-based method needs to be developed. Some studies on test-based reliability quantification method for safety critical software have been conducted in nuclear field. These studies provide useful guidance on generating test sets. An important concept of the guidance is that the test sets represent 'trajectories' (a series of successive values for the input variables of a program that occur during the operation of the software over time) in the space of inputs to the software. Actually, the inputs to the software depend on the state of plant at that time, and these inputs form a new internal state of the software by changing values of some variables. In other words, internal state of the software at specific timing depends on the history of past inputs. Here the internal state of the software which can be changed by past inputs is named as Context of Software (CoS). In a certain CoS, a software failure occurs when a fault is triggered by some inputs. To cover the failure occurrence mechanism of a software, preceding researches insist that the inputs should be a trajectory form. However, in this approach, there are two critical problems. One is the length of the trajectory input. Input trajectory should be long enough to cover failure mechanism, but the enough length is not clear. What is worse, to cover some accident scenario, one set of input should represent dozen hours of successive values. The other problem is number of tests needed. To satisfy a target reliability with reasonable confidence level, very large number of test sets are required. Development of this number of test sets is a herculean

  18. Using Prospective Risk Analysis Tools to Improve Safety in Pharmacy Settings: A Systematic Review and Critical Appraisal.

    Science.gov (United States)

    Stojkovic, Tatjana; Marinkovic, Valentina; Manser, Tanja

    2017-06-29

    This study aimed to review and critically appraise the published literature on 2 selected prospective risk analysis tools, Failure Mode and Effects Analysis and Socio-Technical Probabilistic Risk Assessment, as applied to the dispensing of medicines in both inpatient and outpatient pharmacy settings. A comprehensive search of electronic databases (PubMed and Scopus) was conducted (January 1990-March 2016), supplemented by hand search of reference lists. Eligible articles were assessed for data sources used for the risk analysis, uniformity of the risk quantification framework, and whether the analysis teams assembled were multidisciplinary. Of 1011 records identified, 11 articles met our inclusion criteria. These studies were mainly focused on dispensing of high-alert medications, and most were conducted in inpatient settings. The main risks identified were transcription, preparation, and selection errors, whereas the most common corrective actions included electronic transmission of prescriptions to the pharmacy, use of barcode, and medication safety training. Significant risk reduction was demonstrated by implementing corrective measures in both inpatient and outpatient pharmacy settings. The main Failure Mode and Effects Analysis limitations were its subjectivity and the lack of common risk quantification criteria. The prospective risk analysis methods included in this review revealed relevant safety issues and hold significant potential for risk reduction. They were deemed suitable for application in both inpatient and outpatient pharmacy settings and should form an integral part of any patient safety improvement strategy.

  19. Building capacity for quality and safety in critical care: A roundtable discussion from the second international patient safety conference in April 9-11, 2013, Riyadh, Saudi Arabia

    Directory of Open Access Journals (Sweden)

    Yaseen M Arabi

    2013-01-01

    This paper summarizes the roundtable discussion from the Second International Patient Safety Conference held in April 9-11, 2013, Riyadh, Saudi Arabia. The objectives of the roundtable discussion were to: (1) review the conceptual framework for building capacity in quality and safety in critical care; (2) examine examples of leading international experiences in building capacity; (3) review the experience in Saudi Arabia in this area; (4) discuss the role of building capacity in simulation for patient safety in critical care; and (5) review the experience in building capacity in an ongoing improvement project for severe sepsis and septic shock.

  20. Criticality safety evaluation for the Advanced Test Reactor enhanced low enriched uranium fuel elements

    Energy Technology Data Exchange (ETDEWEB)

    Montierth, Leland M. [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2016-07-19

    The Global Threat Reduction Initiative (GTRI) convert program is developing a high uranium density fuel based on a low enriched uranium (LEU) uranium-molybdenum alloy. Testing of prototypic GTRI fuel elements is necessary to demonstrate integrated fuel performance behavior and scale-up of fabrication techniques. GTRI Enhanced LEU Fuel (ELF) elements based on the ATR-Standard Size elements (all plates fueled) are to be fabricated for testing in the Advanced Test Reactor (ATR). While a specific ELF element design will eventually be provided for detailed analyses and in-core testing, this criticality safety evaluation (CSE) is intended to evaluate a hypothetical ELF element design for criticality safety purposes. Existing criticality analyses have analyzed Standard (HEU) ATR elements from which controls have been derived. This CSE documents analysis that determines the reactivity of the hypothetical ELF fuel elements relative to HEU ATR elements and whether the existing HEU ATR element controls bound the ELF element. The initial calculations presented in this CSE analyzed the original ELF design, now referred to as Mod 0.1. In addition, as part of a fuel meat thickness optimization effort for reactor performance, other designs have been evaluated. As of early 2014 the most current conceptual designs are Mk1A and Mk1B, that were previously referred to as conceptual designs Mod 0.10 and Mod 0.11, respectively. Revision 1 evaluates the reactivity of the ATR HEU Mark IV elements for a comparison with the Mark VII elements.