Structured safety case tools for nuclear facility automation
Permanent address of the item is
In regulated domains, such as nuclear power, a documented justification of safety is demanded for licensing and qualifying systems important to safety. One emerging way of communicating the safety of a complex system in a structured and comprehensive manner is using a safety case. Safety case is understood as a documented body of evidence that provides a convincing and a valid argument that a system is adequately safe for a given application in a given environment. It is one option to give the safety justification the transparency and traceability required by the stakeholders. Because of the amount and complexity of the required material, a practical way of preparing safety cases is to use a software tool. This thesis evaluated software tools for developing a structured safety case for nuclear instrumentation and control systems justification. For tool evaluation, a set of criteria was done derived from a description of the tool usage environment in the nuclear domain. There is still unestablished terminology in the domain, so the description needed some clarification to its concepts. Main terms were nuclear safety case, safety demonstration and structured safety case. Nuclear safety case was defined as an informal overall term referring to the totality of the safety justification and management material gathered under one ‘case’. Safety demonstration was defined as the part of nuclear safety case, which contains the argumentation connecting the relevant evidence to given safety claims. Structured safety case was defined as a safety demonstration following a presentation of well-defined notation and related standards. It presents the claims, arguments and evidences required to assure the safety of the given system clearly and unambiguously. A development process for the structured safety case was outlined, from which the criteria for planning, structure, data inserting, review and management features were identified for tool evaluation. A list of safety case tools was gathered from which five tools were selected for further study: Astah GSN, ASCE, NORSTA, ACEdit and D-case Editor. As a result of the tool review, it was concluded that none of the selected tools had good support for the identified requirements. All of the tools had some good features for structure and data inserting. Most lack of support was identified among the features relating to planning, managing and reviewing the safety case. All of the tools also had difficulties with handling the presentation of large systems. Results implicated that the reviewed safety case software tools are not yet ready for large scale industrial use for the justification of instrumentation and control nuclear power plants. For further actions it was recommended to follow the development and continue testing of the current and new software tools.