DOCSLIB.ORG

NUREG/CR-6463, "Review Guidelines on Software Languages for Use in Nuclear Power Plant Safety Systems. Final Report."

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
NUREG/CR-6463, NUREG/CR-6463 Review Guidelines on Software Languages for Use in Nuclear Power Plant Safety Systems Final Report Prepared by H. Hecht, M. Hecht, S. Graff, W Green, D. Lin, S. Koch, A. Tai, D. Wendelboe SoHar Incorporated Prepared for U.S. Nuclear Regulatory Commission AVAILABILITY NOTICE Availability of Reference Materials Cited in NRC Publications Most documents cited In NRC publications will be available from one of the following sources: 1. The NRC Public Document Room, 2120 L Street, NW., Lower Level, Washington, DC 20555-0001 2. The Superintendent of Documents, U.S. Government Printing Office, P. 0. Box 37082, Washington, DC 20402-9328 3. The National Technical Information Service, Springfield, VA 22161-0002 Although the listing that follows represents the majority of documents cited in NRC publications, it is not in- tended to be exhaustive. Referenced documents available for inspection and copying for a fee from the NRC Public Document Room include NRC correspondence and internal NRC memoranda; NRC bulletins, circulars, information notices, in- spection and investigation notices; licensee event reports; vendor reports and correspondence; Commission papers; and applicant and licensee documents and correspondence. The following documents In the NUREG series are available for purchase from the Government Printing Office: formal NRC staff and contractor reports, NRC-sponsored conference proceedings, international agreement reports, grantee reports, and NRC booklets and brochures. Also available are regulatory guides, NRC regula- tions In the Code of Federal Regulations, and Nuclear Regulatory Commission Issuances. Documents available from the National Technical Information Service include NUREG-series reports and tech- nical reports prepared by other Federal agencies and reports prepared by the Atomic Energy Commission, forerunner agency to the Nuclear Regulatory Commission. Documents available from public and special technical libraries include all open literature items, such as books, journal articles, and transactions. FederalRegister notices, Federal and State legislation, and congressional reports can usually be obtained from these libraries. Documents such as theses, dissertations, foreign reports and translations, and non-NRC conference pro- ceedings are available for purchase from the organization sponsoring the publication cited. Single copies of NRC draft reports are available free, to the extent of supply, upon written request to the Office of Administration, Distribution and Mail Services Section, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001. Copies of industry codes and standards used in a substantive manner in the NRC regulatory process are main- tained at the NRC Library, Two White Flint North, 11545 Rockville Pike, Rockville. MD 20852-2738, for use by the public. Codes and standards are usually copyrighted and may be purchased from the originating organiza- tion or, if they are American National Standards, from the American National Standards Institute, 1430 Broad- way, New York, NY 10018-3308. DISCLAIMER NOTICE This report was prepared as an account of work sponsored by an agency of the United States Government. Neitherthe United States Government nor any agency thereof, nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for any third party's use, or the results of such use, of any information, apparatus, product, or process disclosed in this report, or represents that its use by such third party would not infringe privately owned rights. NUREG/CR-6463 Review Guidelines on Software Languages for Use in Nuclear Power Plant Safety Systems Final Report Manuscript Completed: June 1996 Date Published: June 1996 Prepared by H. Hecht, M. Hecht, S. Graff, W. Green, D. Lin, S. Koch, A. 'Thi, D. Wendelboe SoHar Incorporated 8421 Wilshire Boulevard Beverly Hills, CA 90211 R. Brill, NRC Project Manager Prepared for Division of Systems Technology Office of Nuclear Regulatory Research U.S. Nuclear Regulatory Commission Washington, DC 20555-0001 NRC Job Code W6208 Abstract Guidelines for the programming and auditing of software written in high level languages for safety systems are presented. The guidelines are derived from a framework of issues significant to software safety which was gathered from relevant standards and research literature. Language-specific adaptations of these guidelines are provided for the following high level languages: Ada, C/C++, Programmable Logic Controller (PLC) Ladder Logic, International Electrotechnical Commission (IEC) Standard 1131-3 Sequential Function Charts, Pascal, and PL/M. Appendices to the report include a tabular summary of the guidelines and additional information on selected languages. iii NUREG/CR-6463 Table of Contents List of Figures ........................................ ................. x L ist of Tables ................................................................ xi Executive Summary .................................................... xii A cknow ledgem ents .......................................................... xiv List of A cronym s ............................................................. xv Introduction .......................................................... 1-1 1.1 Scope ......................................................... 1-1 1.2 M ethodology ................................................... 1-3 1.2.1 Task 1 M ethodology ....................................... 1-3 1.2.2 Task 2 M ethodology ....................................... 1-6 1.2.3 Task 3 M ethodology ........................................ 1-6 1.2.4 Tasks 4 and 5 M ethodology ................................. 1-6 1.3 Technical basis .................................................. 1-7 1.4 Contents Overview ............................................... 1-8 R eferences .......................................................... 1-10 2 Generic Safe Programming Attributes ...................................... 2-1 2.1 R eliability ...................................................... 2-2 2.1.1 Predictability of Memory Utilization .......................... 2-4 2.1.2 Predictability of Control Flow ............................... 2-5 2.1.3 Predictability of Timing ................................... 2-11 2.2 R obustness .................................................... 2-12 2.2.1 Controlling Use of Diversity ............................... 2-12 2.2.2 Controlling Use of Exception Handling ....................... 2-14 2.2.3 Checking Input and Output ................................ 2-15 2.3 Traceability ................................................... 2-16 2.3.1 Controlling Use of Built-In Functions ........................ 2-16 2.3.2 Controlling Use of Compiled Libraries ....................... 2-17 2.4 M aintainability ................................................. 2-17 2.4.1 Readability ............................................. 2-19 2.4.2 Data Abstraction ........................................ 2-23 2.4.3 Functional Cohesiveness .................................. 2-24 2.4.4 M alleability ............................................ 2-25 2.4.5 Portability .............................................. 2-25 R eferences .......................................................... 2-27 3 A d a . .. .. .. .. 3 -1 3.1 R eliability ...................................................... 3-1 3.1.1 Predictability of Memory Utilization .......................... 3-1 3.1.2 Predictability of Control Flow ............................... 3-6 v NUREG/CR-6463 3.1.3 Predictability of Timing ................................... 3-22 3.2 R obustness .................................................... 3-26 3.2.1 Controlled Use of Software Diversity ........................ 3-27 3.2.2 Controlled Use of Exception Handling ....................... 3-27 3.2.3 Input and Output Data Checking ............................ 3-31 3.3 Traceability ................................................... 3-31 3.3.1 Use of Built-In Functions .................................. 3-32 3.3.2 Use of Compiled Libraries ................................. 3-32 3.3.3 Ada Run-time Environment ................................ 3-33 3.3.4 Maintaining Traceability Between Source Code and Compiled Code 3-33 3.3.5 Minimizing Use of Generic Units ........................... 3-34 3.4 M aintainability ................................................. 3-34 3.4.1 R eadability ............................................. 3-34 3.4.2 Data Abstraction ............................. .......... 3-41 3.4.3 Functional Cohesiveness .................................. 3-42 3.4.4 M alleability ............................................ 3-42 3.4.5 Portability .............................................. 3-42 R eferences .......................................................... 3-45 4 C and C++ ........................................................... 4-1 4.1 R eliability ...................................................... 4-1 4.1.1 Predictability of Memory Utilization ........................... 4-1 4.1.2 Predictability of Control Flow ............................... 4-11 4.1.3 Predictability of Timing .................................... 4-39 4.2 R obustness .................................................... 4-42 4.2.1 Controlled Use of Software Diversity ......................... 4-43 4.2.2 Controlled Use of Exception Handling ........................ 4-43 4.2.3 Input and Output Checking ................................. 4-46 4.3 Traceability
Load more

Recommended publications
  • DC Console Using DC Console Application Design Software
    DC Console Using DC Console Application Design Software DC Console is easy-to-use, application design software developed specifically to work in conjunction with AML’s DC Suite. Create. Distribute. Collect. Every LDX10 handheld computer comes with DC Suite, which includes seven (7) pre-developed applications for common data collection tasks. Now LDX10 users can use DC Console to modify these applications, or create their own from scratch. AML 800.648.4452 Made in USA www.amltd.com Introduction This document briefly covers how to use DC Console and the features and settings. Be sure to read this document in its entirety before attempting to use AML’s DC Console with a DC Suite compatible device. What is the difference between an “App” and a “Suite”? “Apps” are single applications running on the device used to collect and store data. In most cases, multiple apps would be utilized to handle various operations. For example, the ‘Item_Quantity’ app is one of the most widely used apps and the most direct means to take a basic inventory count, it produces a data file showing what items are in stock, the relative quantities, and requires minimal input from the mobile worker(s). Other operations will require additional input, for example, if you also need to know the specific location for each item in inventory, the ‘Item_Lot_Quantity’ app would be a better fit. Apps can be used in a variety of ways and provide the LDX10 the flexibility to handle virtually any data collection operation. “Suite” files are simply collections of individual apps. Suite files allow you to easily manage and edit multiple apps from within a single ‘store-house’ file and provide an effortless means for device deployment.
    [Show full text]
  • 小型飛翔体/海外 [Format 2] Technical Catalog Category
    小型飛翔体/海外 [Format 2] Technical Catalog Category Airborne contamination sensor Title Depth Evaluation of Entrained Products (DEEP) Proposed by Create Technologies Ltd & Costain Group PLC 1.DEEP is a sensor analysis software for analysing contamination. DEEP can distinguish between surface contamination and internal / absorbed contamination. The software measures contamination depth by analysing distortions in the gamma spectrum. The method can be applied to data gathered using any spectrometer. Because DEEP provides a means of discriminating surface contamination from other radiation sources, DEEP can be used to provide an estimate of surface contamination without physical sampling. DEEP is a real-time method which enables the user to generate a large number of rapid contamination assessments- this data is complementary to physical samples, providing a sound basis for extrapolation from point samples. It also helps identify anomalies enabling targeted sampling startegies. DEEP is compatible with small airborne spectrometer/ processor combinations, such as that proposed by the ARM-U project – please refer to the ARM-U proposal for more details of the air vehicle. Figure 1: DEEP system core components are small, light, low power and can be integrated via USB, serial or Ethernet interfaces. 小型飛翔体/海外 Figure 2: DEEP prototype software 2.Past experience (plants in Japan, overseas plant, applications in other industries, etc) Create technologies is a specialist R&D firm with a focus on imaging and sensing in the nuclear industry. Createc has developed and delivered several novel nuclear technologies, including the N-Visage gamma camera system. Costainis a leading UK construction and civil engineering firm with almost 150 years of history.
    [Show full text]
  • Embrace and Extend Approach (Red Hat, Novell)
    Integrated Development Environments (IDEs) Technology Strategy Chad Heaton Alice Park Charles Zedlewski Table of Contents Market Segmentation.............................................................................................................. 4 When Does the IDE Market Tip? ........................................................................................... 6 Microsoft & IDEs ................................................................................................................... 7 Where is MSFT vulnerable?................................................................................................. 11 Eclipse & Making Money in Open Source........................................................................... 12 Eclipse and the Free Rider Problem ..................................................................................... 20 Making Money in an Eclipse World?................................................................................... 14 Eclipse vs. Microsoft: Handicapping the Current IDE Environment ................................... 16 Requirements for Eclipse success......................................................................................... 18 2 Overview of the Integrated Development Environment (IDE) Market An Integrated Development Environment (IDE) is a programming environment typically consisting of a code editor, a compiler, a debugger, and a graphical user interface (GUI) builder. The IDE may be a standalone application or may be included as part of one or more existing
    [Show full text]
  • VERSION 2.0 Referene MANUAL
    VERSION 2.0 REFERENe MANUAL BORlAnD INTERNATIONAL Borland International 4113 Scotts Valley Drive Scotts Valley, California 95066 Copyright Notice© This software package and manual are copyrighted 1983, 1984 by BORLAND INTERNATIONAL Inc. All rights reserved worldwide. No part of this publication may be reproduced, transmitted, transcribed, stored in any retrieval system, or translated into any language by any means without the express written per­ mission of BORLAND INTERNATIONAL Inc., 4113 Scotts Valley Drive, Scotts Valley, CA 95066, USA. Single CPU License The price paid for one copy of TURBO Pascal licenses you to use the product on one CPU when and only when you have signed and returned the License Agreement printed in this book. Disclaimer Borland International makes no warranties as to the contents of this manual and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose. Borland International further reserves the right to make changes to the specifications of the program and contents of the manual without obligation to notify any person or organization of such changes. Fifth edition, October 1984 Printed in the United States of America 98765 TABLE OF CONTENTS INTRODUCTION ............................................. 1 The Pascal Language .........................................1 TURBO Pascal ..............................................1 Structure of This Manual ..................................... 2 Typography ............................................... 3 Syntax Descriptions
    [Show full text]
  • Foundation API Client Library PHP – Usage Examples By: Juergen Rolf Revision Version: 1.2
    Foundation API Client Library PHP – Usage Examples By: Juergen Rolf Revision Version: 1.2 Revision Date: 2019-09-17 Company Unrestricted Foundation API Client Library PHP – Installation Guide Document Information Document Details File Name MDG Foundation API Client Library PHP - Usage Examples_v1_2 external.docx Contents Usage Examples and Tutorial introduction for the Foundation API Client Library - PHP Author Juergen Rolf Version 1.2 Date 2019-09-17 Intended Audience This document provides a few examples helping the reader to understand the necessary mechanisms to request data from the Market Data Gateway (MDG). The intended audience are application developers who want to get a feeling for the way they can request and receive data from the MDG. Revision History Revision Date Version Notes Author Status 2017-12-04 1.0 Initial Release J. Rolf Released 2018-03-27 1.1 Adjustments for external J. Rolf Released release 2019-09-17 1.2 Minor bugfixes J. Ockel Released References No. Document Version Date 1. Quick Start Guide - Market Data Gateway (MDG) 1.1 2018-03-27 APIs external 2. MDG Foundation API Client Library PHP – Installation 1.2 2019-09-17 Guide external Company Unrestricted Copyright © 2018 FactSet Digital Solutions GmbH. All rights reserved. Revision Version 1.2, Revision Date 2019-09-17, Author: Juergen Rolf www.factset.com | 2 Foundation API Client Library PHP – Installation Guide Table of Contents Document Information ............................................................................................................................
    [Show full text]
  • Fuel Geometry Options for a Moderated Low-Enriched Uranium Kilowatt-Class Space Nuclear Reactor T ⁎ Leonardo De Holanda Mencarinia,B,Jeffrey C
    Nuclear Engineering and Design 340 (2018) 122–132 Contents lists available at ScienceDirect Nuclear Engineering and Design journal homepage: www.elsevier.com/locate/nucengdes Fuel geometry options for a moderated low-enriched uranium kilowatt-class space nuclear reactor T ⁎ Leonardo de Holanda Mencarinia,b,Jeffrey C. Kinga, a Nuclear Science and Engineering Program, Colorado School of Mines (CSM), 1500 Illinois St, Hill Hall, 80401 Golden, CO, USA b Subdivisão de Dados Nucleares - Instituto de Estudos Avançados (IEAv), Trevo Coronel Aviador José Alberto Albano do Amarante, n 1, 12228-001 São José dos Campos, SP, Brazil ABSTRACT A LEU-fueled space reactor would avoid the security concerns inherent with Highly Enriched Uranium (HEU) fuel and could be attractive to signatory countries of the Non-Proliferation Treaty (NPT) or commercial interests. The HEU-fueled Kilowatt Reactor Using Stirling Technology (KRUSTY) serves as a basis for a similar reactor fueled with LEU fuel. Based on MCNP6™ neutronics performance estimates, the size of a 5 kWe reactor fueled with 19.75 wt% enriched uranium-10 wt% molybdenum alloy fuel is adjusted to match the excess reactivity of KRUSTY. Then, zirconium hydride moderator is added to the core in four different configurations (a homogeneous fuel/moderator mixture and spherical, disc, and helical fuel geometries) to reduce the mass of uranium required to produce the same excess reactivity, decreasing the size of the reactor. The lowest mass reactor with a given moderator represents a balance between the reflector thickness and core diameter needed to maintain the multiplication factor equal to 1.035, with a H/D ratio of 1.81.
    [Show full text]
  • Adapting MSP to Microsoft C++ ©James T. Smith, 1999 1. Introduction A. General Comments I. Purpose
    Adapting MSP to Microsoft C++ ©James T. Smith, 1999 1. Introduction a. General comments i. Purpose (1) MSP was developed in a PC environment with the original version of Borland C++, then adapted in several stages to Version 5.0, the standard for this book. Many readers, however, prefer to or must use a different compiler. The environment most frequently mentioned that is somewhat close to the book’s is Microsoft’s. This file describes my adaptation of MSP as a suite of Microsoft Visual C++ Win32 Console Applications. (2) It’s an adaptation guide, not a completed product. Most MSP features described in this book work under the adaptation, but it has not been used for further development. With it, you can see how these features work in your Microsoft environment. To use it for a major project, however, you’ll probably want to select only the appropriate MSP modules. You’ll need to test the adaptation much more thoroughly, and probably add minor cor- rections as needed by your specific application. ii. Major differences (1) Microsoft’s complex mathematics module is implemented with templates. That adds more levels of implicit conversions for the compiler to consider when resolving overloaded function declarations. Many more ambiguities would result, and some methods MSP uses to resolve them would no longer work. This would cause so many changes that you’d lose sight of the rest. So the adaptation contains a completely rewritten complex module. (2) Microsoft handles hardware faults, such as overflow detected by the floating-point processor, by throwing“structured exceptions”.
    [Show full text]
  • Preparing for Nuclear Waste Transportation
    Preparing for Nuclear Waste Transportation Technical Issues that Need to Be Addressed in Preparing for a Nationwide Effort to Transport Spent Nuclear Fuel and High-Level Radioactive Waste A Report to the U.S. Congress and the Secretary of Energy September 2019 U.S. Nuclear Waste Technical Review Board This page intentionally left blank. U.S. Nuclear Waste Technical Review Board Preparing for Nuclear Waste Transportation Technical Issues That Need to Be Addressed in Preparing for a Nationwide Effort to Transport Spent Nuclear Fuel and High-Level Radioactive Waste A Report to the U.S. Congress and the Secretary of Energy September 2019 This page intentionally left blank. U.S. Nuclear Waste Technical Review Board Jean M. Bahr, Ph.D., Chair University of Wisconsin, Madison, Wisconsin Steven M. Becker, Ph.D. Old Dominion University, Norfolk, Virginia Susan L. Brantley, Ph.D. Pennsylvania State University, University Park, Pennsylvania Allen G. Croff, Nuclear Engineer, M.B.A. Vanderbilt University, Nashville, Tennessee Efi Foufoula-Georgiou, Ph.D. University of California Irvine, Irvine, California Tissa Illangasekare, Ph.D., P.E. Colorado School of Mines, Golden, Colorado Kenneth Lee Peddicord, Ph.D., P.E. Texas A&M University, College Station, Texas Paul J. Turinsky, Ph.D. North Carolina State University, Raleigh, North Carolina Mary Lou Zoback, Ph.D. Stanford University, Stanford, California Note: Dr. Linda Nozick of Cornell University served as a Board member from July 28, 2011, to May 9, 2019. During that time, Dr. Nozick provided valuable contributions to this report. iii This page intentionally left blank. U.S. Nuclear Waste Technical Review Board Staff Executive Staff Nigel Mote Executive Director Neysa Slater-Chandler Director of Administration Senior Professional Staff* Bret W.
    [Show full text]
  • Clostridium Difficile Infection: How to Deal with the Problem DH INFORMATION RE ADER B OX
    Clostridium difficile infection: How to deal with the problem DH INFORMATION RE ADER B OX Policy Estates HR / Workforce Commissioning Management IM & T Planning / Finance Clinical Social Care / Partnership Working Document Purpose Best Practice Guidance Gateway Reference 9833 Title Clostridium difficile infection: How to deal with the problem Author DH and HPA Publication Date December 2008 Target Audience PCT CEs, NHS Trust CEs, SHA CEs, Care Trust CEs, Medical Directors, Directors of PH, Directors of Nursing, PCT PEC Chairs, NHS Trust Board Chairs, Special HA CEs, Directors of Infection Prevention and Control, Infection Control Teams, Health Protection Units, Chief Pharmacists Circulation List Description This guidance outlines newer evidence and approaches to delivering good infection control and environmental hygiene. It updates the 1994 guidance and takes into account a national framework for clinical governance which did not exist in 1994. Cross Ref N/A Superseded Docs Clostridium difficile Infection Prevention and Management (1994) Action Required CEs to consider with DIPCs and other colleagues Timing N/A Contact Details Healthcare Associated Infection and Antimicrobial Resistance Department of Health Room 528, Wellington House 133-155 Waterloo Road London SE1 8UG For Recipient's Use Front cover image: Clostridium difficile attached to intestinal cells. Reproduced courtesy of Dr Jan Hobot, Cardiff University School of Medicine. Clostridium difficile infection: How to deal with the problem Contents Foreword 1 Scope and purpose 2 Introduction 3 Why did CDI increase? 4 Approach to compiling the guidance 6 What is new in this guidance? 7 Core Guidance Key recommendations 9 Grading of recommendations 11 Summary of healthcare recommendations 12 1.
    [Show full text]
  • Unix (And Linux)
    AWK....................................................................................................................................4 BC .....................................................................................................................................11 CHGRP .............................................................................................................................16 CHMOD.............................................................................................................................19 CHOWN ............................................................................................................................26 CP .....................................................................................................................................29 CRON................................................................................................................................34 CSH...................................................................................................................................36 CUT...................................................................................................................................71 DATE ................................................................................................................................75 DF .....................................................................................................................................79 DIFF ..................................................................................................................................84
    [Show full text]
  • 5 Command Line Functions by Barbara C
    ADAPS: Chapter 5. Command Line Functions 5 Command Line Functions by Barbara C. Hoopes and James F. Cornwall This chapter describes ADAPS command line functions. These are functions that are executed from the UNIX command line instead of from ADAPS menus, and that may be run manually or by automated means such as “cron” jobs. Most of these functions are NOT accessible from the ADAPS menus. These command line functions are described in detail below. 5.1 Hydra Although Hydra is available from ADAPS at the PR sub-menu, Edit Time Series Data using Hydra (TS_EDIT), it can also be started from the command line. However, to start Hydra outside of ADAPS, a DV or UV RDB file needs to be available to edit. The command is “hydra rdb_file_name.” For a complete description of using Hydra, refer to Section 4.5.2 Edit Time-Series Data using Hydra (TS_EDIT). 5.2 nwrt2rdb This command is used to output rating information in RDB format. It writes RDB files with a table containing the rating equation parameters or the rating point pairs, with all other information contained in the RDB comments. The following arguments can be used with this command: nwrt2rdb -ooutfile -zdbnum -aagency -nstation -dddid -trating_type -irating_id -e (indicates to output ratings in expanded form; it is ignored for equation ratings.) -l loctzcd (time zone code or local time code "LOC") -m (indicates multiple output files.) -r (rounding suppression) Rules • If -o is omitted, nwrt2rdb writes to stdout; AND arguments -n, -d, -t, and -i must be present. • If -o is present, no other arguments are required, and the program will use ADAPS routines to prompt for them.
    [Show full text]
  • AIM104-Software Library
    2192-09193-000-000 AIM104-Software Library Software A Utility Disk is supplied with your AIM104. It contains a host of software utilities designed specifically for each AIM104. Please refer to the README.TXT file on the disk for further information. It also includes a test program EXAMP-01.EXE which may be used to confirm access to the board. Introduction Arcom Control Systems produces a complete range of high quality Input/Output (I/O) cards for the PC104 bus. In order to support these I/O cards as fully as possible a complimentary set of high quality software support products is also available. This software library forms part of the software support. This software support has been developed to support Borland C++ versions 3.1 and 4.52, running on 386 CPUs, Pentium CPUs and Arcom Target boards, in both DOS and Windows operating systems. It is presented to the user in the form of standard static library files. This library can then be incorporated into custom application code giving the user all the software facilities needed to use all the hardware features included on an Arcom PC104 I/O card. This manual contains the basic details of what is contained within this library. For a more detailed description please read the Word 2.0 file genman.doc contained in the DOCS sub-directory of the installation disk or in the DOCS sub-directory of the directory you install to. The list below shows the boards supported within the scope of this library. All commonly used modules are listed, however those that fall outside this list are not supported within this software library.
    [Show full text]