Approach for the Evaluation of the Impact of Potential Software Failures in Software-Based Instrumentation and Control (I&C) Equipment in Nuclear Power Plants

In this paper we present an approach for the evaluation and assessment of the impact of software failures in software-based I&C systems of NPPs. The proposed two-step approach includes at the first step the identification of software failure modes on the basis of review of operating experience gained with software-based I&C systems and equipment. All probable software failures in software-based I&C systems should be identified and classified according to e. g. the concerned system, the observed software failure mode and to their actual and potential safety relevance. In a second step an evaluation of the potential impact of identified safety relevant software failure modes in a software-based I&C system shall be performed. The evaluation shall be done by means of a failure mode and effects analysis (FMEA) using a generic model of the software-based I&C system, i.e. software failure modes are postulated in the I&C system and their potential safety-relevant impact is analyzed.