Certification of Software in Safety-Critical I&C Systems of Nuclear Power Plants

Nuclear power plants have well-defined processes to acquire and qualify safety-critical systems. The ultimate goal is to maximise safety, without compromises in quality and reliability. Each new device and system in a nuclear power plant shall be classified and qualified according to its safety requirements. Using modern technology means in practice that more and more components have programmable features. The reliability of such components has proven difficult to demonstrate because of the nature of flaws in software. Standards and guides used by national authorities set licensing criteria for software used in the safety-critical systems of nuclear power plants. Nuclear power companies commonly use the same standards and guides as the authorities, to avoid interpretation problems in qualification and licensing. Standards can be generic, safety-specific, or nuclear-domain-specific. System manufacturers and software development units have likewise adopted either nuclear-domain-specific or generic safety standards. The prerequisites for high-quality software and systems are therefore in place. Conformance with standards is, however, no absolute guarantee of safety. Safety can be achieved only by the use of several different approaches, each of which provides its own evidence and support for qualification and licensing. Certification is one way to package different methods together and build trust that maximal safety has been achieved. In fact, certification is already a de-facto "must" in the highest safety category of software-intensive safety-critical systems. Certification should be aligned with the system acquisition, development and commissioning processes to improve the total effectiveness of qualification. It is then also cost-effective and proactive, rather than an additional and isolated activity.