The power industry is becoming increasingly interested in the use of digital computers within nuclear plant protection systems in order to satisfy increased safety requirements, provide greater operating flexibility, minimize spurious forced outages, and (in conjunction with multiplexing) meet separation requirements. However, the development and licensing of digital safety systems has so far been hindered by the difficulty of validating the software. A methodology is proposed for the development and validation of nuclear power plant safety system software which may permit a quantitative assessment of its correctness. The methodology has been applied to the development and validation of pilot software that incorporates typical features of critical software for nuclear power plants. The development and use of the automated tools and formal techniques required to support the methodology are described in the paper. The experience of applying the methodology to the initial phases of the software development process for the pilot software is discussed. Finally, the impact of the methodology on the quality of the software under development is assessed.