• Nuclear Engineering and Technology
• /
• 제31권1호
• /
• pp.49-57
• /
• 1999

It has been a critical issue to predict the safety critical software reliability in nuclear engineering area. For many years, many researches have focused on the quantification of software reliability and there have been many models developed to quantify software reliability. Most software reliability models estimate the reliability with the failure data collected during the test assuming that the test environments well represent the operation profile. User's interest is however on the operational reliability rather than on the test reliability. The experiences show that the operational reliability is higher than the test reliability. With the assumption that the difference in reliability results from the change of environment, from testing to operation, testing environment factors comprising the aging factor and the coverage factor are developed in this paper and used to predict the ultimate operational reliability with the failure data in testing phase. It is by incorporating test environments applied beyond the operational profile into testing environment factors. The application results show that the proposed method can estimate the operational reliability accurately.

• Nuclear Engineering and Technology
• /
• 제40권5호
• /
• pp.397-408
• /
• 2008

This paper describes the application of a software fault tree analysis (FTA) as one of the analysis techniques for a software safety analysis (SSA) at the design phase and its analysis results for the safety-critical software of a digital reactor protection system, which is called the KNICS RPS, being developed in the KNICS (Korea Nuclear Instrumentation & Control Systems) project. The software modules in the design description were represented by function blocks (FBs), and the software FTA was performed based on the well-defined fault tree templates for the FBs. The SSA, which is part of the verification and validation (V&V) activities, was activated at each phase of the software lifecycle for the KNICS RPS. At the design phase, the software HAZOP (Hazard and Operability) and the software FTA were employed in the SSA in such a way that the software HAZOP was performed first and then the software FTA was applied. The software FTA was applied to some critical modules selected from the software HAZOP analysis.

• 항공우주시스템공학회지
• /
• 제13권1호
• /
• pp.62-68
• /
• 2019

항공기에 탑재되는 소프트웨어는 안전과 직결되기 때문에 안전 비행을 위해서는 감항인증 기준을 따라야만 한다. 항공기 탑재 소프트웨어는 감항인증기준에 명시된 DO-178을 따라 개발되어야 하지만 방사청 무기체계 소프트웨어 개발 및 관리 매뉴얼에 따라 개발되고 있다. 본 논문에서는 소프트웨어 전문가 설문조사를 수행하였고 DO-178을 기반으로 소프트웨어 개발 및 인증 절차를 제안하였다.

• 시스템엔지니어링학술지
• /
• 제14권2호
• /
• pp.49-57
• /
• 2018

The main objective of this paper is come up with methodology approach for FPGA-based system in verification and validation lifecycle regarding software reliability using system engineering approach. The steps of both reverse engineering and re-engineering are carried out to implement an FPGA-based of safety critical system in Nuclear Power Plant. The reverse engineering methodology is applied to elicit the requirements of the system as well as gain understanding of the current life cycle and V&V activities of FPGA based-system. The re-engineering method is carried out to get a new methodology approach of software reliability, particularly Software Reliability Growth Model. For measure the software reliability of a given FPGA-based system, the following steps are executed as; requirements definition and measurement, evaluation of candidate reliability model, and the validation of the selected system. As conclusion, a new methodology approach for software reliability measurement using software reliability growth model is developed.

• 한국원자력학회:학술대회논문집
• /
• 한국원자력학회 2004년도 요약집 춘계학술발표대회
• /
• pp.228-228
• /
• 2004

• Nuclear Engineering and Technology
• /
• 제41권6호
• /
• pp.849-858
• /
• 2009

Risk caused by safety-critical instrumentation and control (I&C) systems considerably affects overall plant risk. As digitalization of safety-critical systems in nuclear power plants progresses, a risk model of a digitalized safety system is required and must be included in a plant safety model in order to assess this risk effect on the plant. Unique features of a digital system cause some challenges in risk modeling. This article aims at providing an overview of the issues related to the development of a static fault-tree-based risk model. We categorize the complicated issues of digital system probabilistic risk assessment (PRA) into four groups based on their characteristics: hardware module issues, software issues, system issues, and safety function issues. Quantification of the effect of these issues dominates the quality of a developed risk model. Recent research activities for addressing various issues, such as the modeling framework of a software-based system, the software failure probability and the fault coverage of a self monitoring mechanism, are discussed. Although these issues are interrelated and affect each other, the categorized and systematic approach suggested here will provide a proper insight for analyzing risk from a digital system.

• 대한임베디드공학회논문지
• /
• 제16권6호
• /
• pp.267-276
• /
• 2021

The automotive industry and academic research have been continuously conducting research on standardization such as AUTOSAR (AUTomotive Open System ARchitecture) and ISO26262 to solve problems such as safety and efficiency caused by the complexity of electric/electronic architecture of automotive. AUTOSAR is an automotive standard software platform that has a layered structure independent of MCU (Micro Controller Unit) hardware, and improves product reliability through software modularity and reusability. And, ISO26262, an international standard for automotive functional safety and suggests a method to minimize errors in automotive ECU (Electronic Control Unit)s by defining the development process and results for the entire life cycle of automotive electrical/electronic systems. These design methods are variously applied in representative automotive safety-critical systems. However, since the functional and safety requirements are different according to the characteristics of the safety-critical system, it is essential to research the AUTOSAR functional safety design method specialized for each application domain. In this paper, a software functional safety mechanism design method using AUTOSAR is proposed, and a new failure management framework is proposed to ensure the high reliability of the product. The AUTOSAR functional safety mechanism consists of memory partitioning protection, timing monitoring protection, and end-to-end protection. The fault management framework is composed of several safety SWCs to maintain the minimum function and performance even if a fault occurs during the operation of a safety-critical system. Finally, the proposed method is applied to the Shift-by-Wire system design to prove the validity of the proposed method.

• 한국원자력학회:학술대회논문집
• /
• 한국원자력학회 1997년도 춘계학술발표회논문집(1)
• /
• pp.233-238
• /
• 1997

본 논문에서는 Safety-critical 소프트웨어를 위한 V'||'&'||'V 지침서(guideline) 개발 방법론을 제시한다. 즉, 기존의 산업계 표준인 IEEE Std-1012, IEEE Std-1059에서 논의되고 있는 개념을 근간으로 "독립성(independence)", "소프트웨어 안전성 분석(software safety analysis)", "COTS 평가(evaluation) 기준", "다른 보증(assurance) 조직들간의 관련성(relationship)" 등의 필수 안전 항목들을 추가하여 원전 안전성 시스템(NPP safety system)을 위한 V'||'&'||'V 지침서 개발 방법론을 제시하였다 제시된 방법론에는 V'||'&'||'V 지침서의 범위(scope), 승인기준(acceptance criteria) 부분인 지침서 프레임(guideline framework), V'||'&'||'V activities 및 methods 부분인 타스크(task) entrance 및 exit 기준(criteria), 리뷰 및 감사(review and audit), 테스팅 그리고 V'||'&'||'V material의 QA 레코드(records) 및 형상관리, 소프트웨어 검증 및 확인 계획서(Software Verification and Validation Plan : SVVP) 생성 등의 내용을 기술하고, Safety-critical 소프트웨어 V'||'&'||'V 방법론도 함께 제시하였다.

• 한국철도학회:학술대회논문집
• /
• 한국철도학회 2008년도 춘계학술대회 논문집
• /
• pp.378-383
• /
• 2008

One of the main concerns of railway system is to secure safety. Nowadays digital technology has been rapidly applied to safety critical system. The digital system performs more varying and highly complex functions efficiently compared to the existing analog system because software can be flexibly designed and implemented. The flexible design makes it difficult to predict the software failures. For this reason, the safety criteria are suggested to secure the software safety for the field of railway system. Following them, the railway software have to be examined whether it is properly developed according to the safety criteria and certification process. Because the articles suggested in safety criteria are written in legal term, it is difficult to apply the criteria to develop railway software. This paper suggests and discusses a development and assessment procedure to solve these issues for railway software with more detail description.

• 한국정보과학회논문지:컴퓨팅의 실제 및 레터
• /
• 제15권6호
• /
• pp.435-439
• /
• 2009

안전-필수 분야에 사용되는 소프트웨어의 신뢰도(dependability)를 보장하기 위해 소프트웨어의 테스팅과 확인 및 검증활동이 매우 중요하다. 본 연구에서는 위험수준이 높은 소프트웨어 모듈을 소프트웨어 수명수기 초기에 예측하여, 테스팅과 확인 및 검증 활동에 대한 자원할당을 도울 수 있게 해준다. 다중 클래스 분류를 지원하는 SVM(Support Vector Machine)을 이용하여 소프트웨어 모듈의 잠재위험수준 을 예측한다 잠재위험수준이 상대적으로 높게 나온 모듈들에 대해 테스팅과 확인 및 검증을 집중적으로 실시함으로써 보다 효과적으로 소프트웨어의 품질을 향상시킬 수 있다. 또한, 원전의 계측제어계통에 사용되는 안전-필수 소프트웨어의 안전성 심사를 위한 대상 모듈을 샘플링할 때 활용할 수 있을 것으로 기대된다.