Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL

Joonas Linnosmaa; Janne Valkonen; Peter Karpati; André Hauge; Fabien Sechi; Bjørn Axel Gran

Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL

Joonas Linnosmaa, Janne Valkonen, Peter Karpati, André Hauge, Fabien Sechi, Bjørn Axel Gran

Institute for Energy Technology (IFE)

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

Abstract

Complexity of modern control and safety systems challenge the usual linear document-based presentation of system design. This complicates the work of designers, assessors and regulators comprehending the system, whose understanding often depends on building a mental model of the system and thus assessing its suitability. More rigorous and structured way to represent the system, than the linear documents-based, is model-based approach. Based on a literature review, SysML and AADL were identified as suitable candidates. They were tried in an exploratory case study modelling APR1400 reactor protection system, based on its linear description from a real applicant’s design control document. Effort was also taken to extract safety assurance information (for independence) from the documentation and organize it into a structured safety argument. Research serves also to discuss the strengths and weaknesses of model-based specification and assessment compared to document-based approaches. Modelling of the system based on design document and extracting safety assurance information was challenging. Results, based on the modelling experiences and literature review, argue that the studied architecture languages offer benefits over the use of natural language in clarity, ambiguity and traceability. However, using these architecture description languages require extensive modelling expertise and effort to allow a smooth modelling process and understanding. In addition, multidisciplinary insight into the system at both the conceptual level as well as hardware and software level is required. We also identified support of classical safety analysis methods within SysML and AADL.

Original language	English
Title of host publication	11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies
Subtitle of host publication	NPIC and HMIT 2019
Publisher	American Nuclear Society (ANS)
Pages	276-289
ISBN (Electronic)	978-0-8944-8783-5, 978-0-89448-758-3
Publication status	Published - 2019
MoE publication type	A4 Article in a conference publication
Event	11th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC&HMIT - Orlando, United States Duration: 9 Feb 2019 → 14 Feb 2019 Conference number: 11

Conference

Conference	11th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC&HMIT
Abbreviated title	NPIC&HMIT
Country/Territory	United States
City	Orlando
Period	9/02/19 → 14/02/19

Keywords

architecture description language
model-based systems engineering
safety critical systems
literature review

Cite this

@inproceedings{923fd78c0dd44c4084cda7209da072aa,

title = "Towards Model-Based Specification and Safety Assurance of Nuclear I\&C Systems: Applicability of SYSML and AADL",

abstract = "Complexity of modern control and safety systems challenge the usual linear document-based presentation of system design. This complicates the work of designers, assessors and regulators comprehending the system, whose understanding often depends on building a mental model of the system and thus assessing its suitability. More rigorous and structured way to represent the system, than the linear documents-based, is model-based approach. Based on a literature review, SysML and AADL were identified as suitable candidates. They were tried in an exploratory case study modelling APR1400 reactor protection system, based on its linear description from a real applicant{\textquoteright}s design control document. Effort was also taken to extract safety assurance information (for independence) from the documentation and organize it into a structured safety argument. Research serves also to discuss the strengths and weaknesses of model-based specification and assessment compared to document-based approaches. Modelling of the system based on design document and extracting safety assurance information was challenging. Results, based on the modelling experiences and literature review, argue that the studied architecture languages offer benefits over the use of natural language in clarity, ambiguity and traceability. However, using these architecture description languages require extensive modelling expertise and effort to allow a smooth modelling process and understanding. In addition, multidisciplinary insight into the system at both the conceptual level as well as hardware and software level is required. We also identified support of classical safety analysis methods within SysML and AADL.",

keywords = "architecture description language, model-based systems engineering, safety critical systems, literature review",

author = "Joonas Linnosmaa and Janne Valkonen and Peter Karpati and Andr{\'e} Hauge and Fabien Sechi and Gran, \{Bj{\o}rn Axel\}",

note = "{"}The American Nuclear Society gives you permission to publish your final paper from the NPIC\&HMIT 2019 meeting on your company{\textquoteright}s publication data base. Please do not publish this paper on your data base until the proceedings is published in May. Ellen Leitschuh 708-579-8253{"} ; 11th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC\&HMIT , NPIC\&HMIT ; Conference date: 09-02-2019 Through 14-02-2019",

year = "2019",

language = "English",

pages = "276--289",

booktitle = "11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies",

publisher = "American Nuclear Society (ANS)",

address = "United States",

}

Linnosmaa, J, Valkonen, J, Karpati, P, Hauge, A, Sechi, F & Gran, BA 2019, Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL. in 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies: NPIC and HMIT 2019. American Nuclear Society (ANS), pp. 276-289, 11th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC&HMIT , Orlando, Florida, United States, 9/02/19.

Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL. / Linnosmaa, Joonas; Valkonen, Janne; Karpati, Peter et al.
11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies: NPIC and HMIT 2019. American Nuclear Society (ANS), 2019. p. 276-289.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems

T2 - 11th International Topical Meeting on Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies, NPIC&HMIT

AU - Linnosmaa, Joonas

AU - Valkonen, Janne

AU - Karpati, Peter

AU - Hauge, André

AU - Sechi, Fabien

AU - Gran, Bjørn Axel

N1 - Conference code: 11

PY - 2019

Y1 - 2019

N2 - Complexity of modern control and safety systems challenge the usual linear document-based presentation of system design. This complicates the work of designers, assessors and regulators comprehending the system, whose understanding often depends on building a mental model of the system and thus assessing its suitability. More rigorous and structured way to represent the system, than the linear documents-based, is model-based approach. Based on a literature review, SysML and AADL were identified as suitable candidates. They were tried in an exploratory case study modelling APR1400 reactor protection system, based on its linear description from a real applicant’s design control document. Effort was also taken to extract safety assurance information (for independence) from the documentation and organize it into a structured safety argument. Research serves also to discuss the strengths and weaknesses of model-based specification and assessment compared to document-based approaches. Modelling of the system based on design document and extracting safety assurance information was challenging. Results, based on the modelling experiences and literature review, argue that the studied architecture languages offer benefits over the use of natural language in clarity, ambiguity and traceability. However, using these architecture description languages require extensive modelling expertise and effort to allow a smooth modelling process and understanding. In addition, multidisciplinary insight into the system at both the conceptual level as well as hardware and software level is required. We also identified support of classical safety analysis methods within SysML and AADL.

AB - Complexity of modern control and safety systems challenge the usual linear document-based presentation of system design. This complicates the work of designers, assessors and regulators comprehending the system, whose understanding often depends on building a mental model of the system and thus assessing its suitability. More rigorous and structured way to represent the system, than the linear documents-based, is model-based approach. Based on a literature review, SysML and AADL were identified as suitable candidates. They were tried in an exploratory case study modelling APR1400 reactor protection system, based on its linear description from a real applicant’s design control document. Effort was also taken to extract safety assurance information (for independence) from the documentation and organize it into a structured safety argument. Research serves also to discuss the strengths and weaknesses of model-based specification and assessment compared to document-based approaches. Modelling of the system based on design document and extracting safety assurance information was challenging. Results, based on the modelling experiences and literature review, argue that the studied architecture languages offer benefits over the use of natural language in clarity, ambiguity and traceability. However, using these architecture description languages require extensive modelling expertise and effort to allow a smooth modelling process and understanding. In addition, multidisciplinary insight into the system at both the conceptual level as well as hardware and software level is required. We also identified support of classical safety analysis methods within SysML and AADL.

KW - architecture description language

KW - model-based systems engineering

KW - safety critical systems

KW - literature review

UR - https://www.scopus.com/pages/publications/85071027139

M3 - Conference article in proceedings

SP - 276

EP - 289

BT - 11th Nuclear Plant Instrumentation, Control, and Human-Machine Interface Technologies

PB - American Nuclear Society (ANS)

Y2 - 9 February 2019 through 14 February 2019

ER -

Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL

Abstract

Conference

Keywords

Other files and links

Fingerprint

SAUNA: Integrated safety assessment and justification of nuclear power plant automation

Cite this

Towards Model-Based Specification and Safety Assurance of Nuclear I&C Systems: Applicability of SYSML and AADL

Abstract

Conference

Keywords

Other files and links

Fingerprint

Projects

SAUNA: Integrated safety assessment and justification of nuclear power plant automation

Cite this