HCRQ
System Safety, Software Safety Experts
Since 1986

"The Key To A Safer World"
salus populi suprema lex


Nuclear Power Safety


If you are looking for experience with safety analysis of:

  • Control Systems,
  • Shutdown Systems, or
  • Fuel-Handling Systems

look no further. HCRQ has a substantial amount of expertise in these areas.


One Of Our Nuclear Power Contracts

Software Hazard Analysis Procedure

We were responsible for producing a customized formal procedure for hazard analysis of safety-critical software for the largest electric power utility in North America.

This procedure was one of a family of standards and procedures defining the engineering requirements for different classes of real-time software distinguished by complexity of system, source of supply and criticality of application.

This procedure was written to conform to and complement the standard for software engineering of safety-critical software.

The standard and its associated procedures are intended to ensure that reliability objectives are met by safety-critical software.


Another Nuclear Power Contract

Shutdown System Software Analysis

We applied a technique known as Program Function Table (PFT) analysis to a shutdown system.

PFT analysis gives a precise, tabular representation of both the code and the software design specification.

Tables are constructed for each software module describing output variables in terms of input variables and constants for each possible module operating mode.

These tables are then linked, thus permitting the description of system outputs in terms of system inputs.

This result is then compared against a tabular interpretation of the software design specification.

Disagreements between the two are then analyzed.
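The steps above, as an added illustration that is not HCRQ's procedure or any client's code: a toy two-module chain (a made-up pressure-conditioning module feeding a made-up trip comparator) is written as Program Function Tables, the tables are linked so the system output is expressed in terms of the raw system input, and the result is compared row by row against a constructed tabular reading of a design specification. All module names, thresholds and the specification rows are assumptions for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Inputs = Dict[str, float]


@dataclass
class Row:
    """One PFT row: an operating mode (a predicate over the module's inputs)
    and the function giving the module's output while in that mode."""
    mode: str
    condition: Callable[[Inputs], bool]
    output: Callable[[Inputs], float]


@dataclass
class PFT:
    """Program Function Table for one module. Modes must be complete and
    disjoint, so exactly one row applies to any input vector."""
    module: str
    output_name: str
    rows: List[Row]

    def evaluate(self, inputs: Inputs) -> Tuple[str, float]:
        hits = [r for r in self.rows if r.condition(inputs)]
        if len(hits) != 1:  # incomplete or overlapping modes is itself a finding
            raise ValueError(f"{self.module}: {len(hits)} modes match {inputs}")
        return hits[0].mode, hits[0].output(inputs)


def link(tables: List[PFT], system_inputs: Inputs) -> Inputs:
    """Link module tables: each module's output variable becomes an input to
    the modules that follow, so system outputs are expressed in terms of
    system inputs."""
    env = dict(system_inputs)
    for t in tables:
        _, value = t.evaluate(env)
        env[t.output_name] = value
    return env


# Constructed module 1: convert a 12-bit raw count to kPa; out-of-range counts
# are forced to a fail-safe high value.
conditioning = PFT("PressureConditioning", "p_kpa", [
    Row("in-range", lambda i: 0 <= i["raw"] <= 4095, lambda i: i["raw"] * 2.5),
    Row("out-of-range", lambda i: not (0 <= i["raw"] <= 4095), lambda i: 10237.5),
])

# Constructed module 2: trip comparator, output 1 = trip. Note the code trips
# at p_kpa >= 9000 (assumed threshold).
TRIP_KPA = 9000.0
comparator = PFT("TripComparator", "trip", [
    Row("normal", lambda i: i["p_kpa"] < TRIP_KPA, lambda i: 0),
    Row("trip", lambda i: i["p_kpa"] >= TRIP_KPA, lambda i: 1),
])

SYSTEM = [conditioning, comparator]

# Tabular interpretation of the constructed design specification, written
# directly in terms of the system input. The spec says "trip when pressure
# exceeds 9000 kPa", i.e. strictly greater than.
SPEC = [
    ("raw out of range", lambda raw: not (0 <= raw <= 4095), 1),
    ("pressure <= 9000", lambda raw: 0 <= raw <= 4095 and raw * 2.5 <= 9000, 0),
    ("pressure > 9000", lambda raw: 0 <= raw <= 4095 and raw * 2.5 > 9000, 1),
]


def system_trip(raw: float) -> float:
    """System output (trip) as a function of the system input (raw count)."""
    return link(SYSTEM, {"raw": raw})["trip"]


def spec_trip(raw: float) -> int:
    hits = [out for _, cond, out in SPEC if cond(raw)]
    if len(hits) != 1:
        raise ValueError(f"specification rows are not complete/disjoint at {raw}")
    return hits[0]


def find_disagreements(raw_values) -> List[Tuple[float, float, int]]:
    """Compare linked code tables against the spec table; return every input
    where they disagree as (raw, code_output, spec_output) for analysis."""
    return [(raw, system_trip(raw), spec_trip(raw))
            for raw in raw_values if system_trip(raw) != spec_trip(raw)]


if __name__ == "__main__":
    for raw, code_out, spec_out in find_disagreements(range(-1, 4097)):
        print(f"raw={raw}: code trips={code_out}, spec trips={spec_out}")
```

Run over every raw count from -1 to 4096, the comparison isolates a single boundary disagreement at raw = 3600 (exactly 9000 kPa), where the code trips and the specification does not. Whether the specification or the code is wrong is the analysis step that follows; the tables only make the disagreement visible.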

We were also a major contributor with respect to establishing the rules for PFT analysis.

This work resulted in a published paper.


Another Nuclear Power Contract

Fuel-Handling Software Safety Analysis

One of our clients experienced a substantial spill of radioactive heavy water (a loss-of-coolant accident, LOCA) during the refueling of one of their reactors.

The brakes, which prevent bridge motion while holding the fueling machine, were accidentally released while the fueling machine was clamped onto a fuel channel end-fitting.

The fueling machine dropped a distance of 40 cm, badly damaging the end-fitting. The heavy water leak (initially 1400 kg/h) dropped to 18 kg/h when the heat transport system was depressurized.

The incident was traced back to a software error that had been introduced into one of the protective computer systems approximately four years earlier.

Due to previous contract work with post-accident safety analyses, we were called in to perform a safety analysis of this software.

This work resulted in a published paper.


Another Nuclear Power Contract

Indication System

We were consulted by a nuclear power producer after they had designed a safety-critical indication system.

Our client was interested in performing a safety analysis of this system.

We quickly advised them that, due to the way their system was designed, a safety analysis was impossible.

The indication system had to be redesigned.

They regretted not contacting us earlier.


Do you need help with:

  • IEC 60880?
  • IEEE 7-4.3.2?
  • IEC 61513?

Help is only a click away. Contact
Andrew St. John.