A Technical Approach for the Risk Assessment of Software Common Cause Failures in Digital Instrumentation and Control Systems

Shorthill, Tate Howard (2024) A Technical Approach for the Risk Assessment of Software Common Cause Failures in Digital Instrumentation and Control Systems. Doctoral Dissertation, University of Pittsburgh. (Unpublished)
Abstract

The goal of this work is to evaluate the risks of software common cause failures (CCFs) for digital instrumentation and control (I&C) systems. Safety is vital in many industries, but nowhere more paramount than in the nuclear industry. Behind every nuclear power plant is a safety I&C system designed to ensure that the public, the environment, and the plant are kept safe; the vulnerabilities of each system to CCF must be analyzed and defended, often by diversity. This work introduces a novel technical approach to identify, quantify, and evaluate the risks of software CCFs of digital I&C systems that contain multiple layers of redundant and diverse software components. The approach involves three innovative tools:

2. A hybrid CCF model to calculate software CCFs while considering the level of defenses that a system may have against concurrent failures.

3. A Bayesian and human reliability analysis-aided method for the reliability analysis of software to quantify software failure probability.

Together, these tools enable probabilistic evaluations of risk, as demonstrated by the assessment of an example reactor trip system. Case studies demonstrate the identification, quantification, and evaluation of different software failure modes, including diverse software CCFs. The novel technical approach informs design decisions, such as when software diversity may not be uniformly beneficial. This work provides several contributions to the risk assessment community: (1) the capability to assess software risks in digital I&C systems that contain multiple layers of redundant and diverse software components; (2) the capability to identify and quantify potential software CCFs, including diverse CCFs; (3) the ability to determine and provide metrics of CCF defense; (4) the ability to quantify software CCF given limited historical CCF occurrence data; and (5) the capability to support CCF analysis throughout the development process of an I&C system.
Ultimately, the developed methods lend themselves to improving risk assessments for industries that employ digital I&C systems and wherever software CCFs are a significant concern.