Lessons Learned from Practical Independent Verification and Validation Based on IEEE 1012

IEEE 1012 [1] describes the SDLC phase activities for software independent verification and validation (IV & V) for nuclear power plant in truly general and conceptual manner, which requires the upward and/or downward tailoring on its interpretation for practical IV & V. It contains crucial and encompassing check points and guidelines to analyze the design integrity, without addressing the formalized and the specific criteria for IV & V activities confirming the technical integrity. It is necessary to list up the inspection viewpoint via interpretation of the standard that is practical review points checking design consistency. For fruitful IV & V of Control Element Driving Mechanism Control System (CEDMCS) software for Yonggwang Nuclear Power Plant unit 3 & 4, the specific viewpoints and approach are necessary based on the guidelines of IEEE 1012 to enhance the system quality by considering the level of implementation of the theoretical and the practical IV & V. Additionally IV & V guideline of IEEE 1012 does not specifically provide the concrete measure considering the system characteristics of CEDMCS. This paper provides the seven (7) characteristic criteria for CEDMCS IV & V, and by applying these viewpoints, the design analysis such as function, performance, interface and exception, backward and forward requirement traceability analysis has been conducted. The requirement, design, implementation, and test phase were only considered for IV & V in this project. This article also provides the translation of code to map theoretical verification and validation into practical verification and validation. This paper emphasizes the necessity of the intensive design inspection and walkthrough for requirement phase to resolve the design faults because the IV & V of early phase of SDLC obviously contributes to find out most of critical design inconsistency. Especially for test phase IV & V, it is strongly recommended to prepare the test plan document which is going to be the basis for the test coverage selection and test strategy. This test plan document should be based on the critical characteristics of function and performance of CEDMCS. Also to guarantee the independency of V & V organization participating in this project, and to acquire the full package of design details for IV & V, the systematic approach and efforts with an aspect of management is highlighted among the participants.

ProTSA: A Testing Process for Automotive Software Domain

This study evaluates the development of a testing process for the automotive software domain, highlighting challenges stemming from the absence of adequate processes. The research demonstrates the application of Design Science Research methodology in developing, an automotive software testing process—ProTSA, using six functional testing modules. Additionally, the study evaluates the benefits of implementing ProTSA in a specific Original Equipment Manufacturer (OEM) using an experimental single-case approach with industry professionals’ participation through a survey. The study concludes that combining testing techniques with effective communication and alignment is crucial for enhancing software quality. Furthermore, survey data indicates that implementing ProTSA leads to productivity gains by initiating tests early, resulting in time savings in the testing program and increased productivity for the testing team. Future work will explore implementing ProTSA in cybersecurity, over-the-air software updates, and autonomous vehicle testing processes. .

Development Methodologies for Network Softwarization: A Comparison of DevOps, NetOps, and Verification

This white paper explores three popular development methodologies for network softwarization: DevOps, NetOps, and Verification. The paper compares and contrasts the strengths and weaknesses of each approach and provides recommendations for organizations looking to adopt network softwarization.

基于VV&A的联邦开发和执行过程改进研究

针对联邦开发和执行过程中描述现实世界不准确、仿真结果可信度低等不足,引入VV＆A过程,成立VV＆A小组专门负责系统的校验和验证工作,明确了联邦开发和执行过程改进的全生命周期,提出了"一个目标,两条主线"的联邦开发和执行过程改进策略:"一个目标"即基于模型仿真真实世界满足用户需求的目标;"两条主线"即以联邦开发人员为中心的模型建立和实现路线以及以VV＆A小组为主线的校验和验证路线,两者同步开展工作,互相控制和制约,共同维护系统的准确性和可信性。

核级系统、软件和硬件的V&V研究与应用

软件验证和确认(V&V)技术对于提高核电站安全级仪控系统的软件质量发挥着重要作用。在核安全级数字化控制系统(DCS)中,系统、硬件与软件三者同等重要且密不可分,因此有必要将系统和硬件也纳入V&V的范围。讨论了针对核安全级DCS中系统、软件和硬件的V&V标准体系,提出融合新核安全导则HAD 102/10—2021和新工业标准IEEE Std 1012^(TM)-2016关于生命周期要求的V&V过程模型,并阐述了3类V&V活动之间的交互关系及系统V&V和硬件V&V中的重点任务。该研究成果在自主化核安全级仪控平台和睦系统的研制及某核电站DCS工程典型项目的成功应用中,取得了良好效果。其满足核安全级DCS的质量控制需求,同时也符合HAD 102/10—2021的新监管要求。该研究为我国核行业实施系统和硬件的V&V提供了技术借鉴,有助于提升产品安全性和可靠性,也对其他高可靠性领域系统的质量控制有重要参考意义。

基于FPGA的核电厂保护系统V&V方法研究

核电厂保护系统的设计是功能验证和应用软件开发需求的源头,而基于现场可编程门阵列(FPGA)技术开发的保护系统应用则是对保护功能的分解实施和最终实现。针对验证和确认(V&V)全生命周期过程进行了研究,结合保护系统功能设计和基于FPGA技术的功能应用实施,建立了一套完整的V&V方法,明确了每个活动环节的主要任务,提出了面向核电厂保护系统FPGA应用的V&V方法和框架方案。结合目前工程承包项目实施模式,对V&V工作的实施策略给出了优化方向和改进建议。

软件V&V基于严重性分级的异常处理流程研究

软件V&V是核安全级软件开发过程中评估软件产品的一种系统性方法,与软件开发同步开展。通过软件V&V活动,辨识和解决异常,对软件开发中出现的偏离进行控制。本文结合安全级软件开发生命周期的特点,优化异常处理流程,软件V&V对每一阶段发现的异常问题进行影响评估,按后果严重性进行分级,确定异常关键等级。上一阶段关键异常的解决作为下一阶段软件开发结束的必要条件,前一设计阶段的关键异常全部解决后,下一阶段的设计活动才能结束。该异常处理流程可推进关键异常及时解决,防止向后续开发过程传递,有效减少开发后期的异常数量及修复成本。该流程已在某核电项目中得以实施,并取得良好效果。

核电安全级仪控系统软件V&V活动及其方法研究

核电厂安全级软件的安全性保证包括软件的安全开发技术和软件的验证与确认技术两个方面。按照核法规HAF要求,V&V是保证软件的安全性与可靠性的必要步骤,必须通过V&V过程才能证明和确认数字化核级仪控产品中软件的安全性和可靠性,产品才能被允许应用于核电站安全功能的执行。福岛核事故后,对于核电厂的安全性、可靠性的要求空前提高并得到各界的广泛共识。本文依托CPR1000核电厂数字化仪控技术,描述了安全级软件V&V工程活动,借鉴IAEA相关技术报告与国际上先进核电厂V&V技术特点,总结归纳CPR1000核电厂项目V&V技术方法,期望为CPR1000新项目V&V活动提供有益参考。

基于TXS平台的反应堆保护系统V&V测试方案研究

反应堆保护系统(RPS)验证和确认(V&V)测试方案的主要作用是:明确RPS测试目的和方法,定义开展RPS测试工具及相应的测试先决条件,确保RPS测试的完整性以及功能验证的正确性。V&V活动必须贯穿在整个软硬件开发以及集成过程。V&V测试主要包括硬件测试,以及系统功能、性能和接口测试。主要测试平台是信号模拟测试装置,少量仅涉及RPS软件的功能测试程序可只在仿真测试平台(SIVAT)上进行。

核电厂数字化安全仪控软件的V&V实现

以日本三菱MELTAC安全级软件在核电厂中应用的V&V为例,就其主要的工作流程、步序、输入输出结果进行分析说明,以期为核电厂数字化仪控系统(DCS)软件V&V工作的自主化和国产化提供借鉴。

安全级DCS平台基本功能库软件V&V方法研究

基本功能库是核电厂分布式控制系统(DCS)平台软件的重要组成部分,是应用软件的基本单元。其软件质量直接决定了仪表与控制(I&C)系统的系统性能力。尤其是当功能块应用于执行安全功能的软件时,功能块的错误可能直接影响到系统的安全。但是,目前国际、国内的标准中没有专门针对基本功能库的、详尽的验证与确认(V&V)方法,导致在实际的功能库V&V过程中没有具体的指导规范。为解决这个问题,对安全级数字化DCS平台基本功能库的重要性进行了阐述,同时分析了功能库的开发生命周期及不同的实现方式;依据核电厂安全级软件相关标准的要求以及实际的工程经验,提出功能库的V&V方法,以及各阶段需要重点验证的.内容。该研究为安全级平台功能库的V&V工作提供技术指导。

核电厂DCS安全级软件IV&V流程介绍

核电厂DCS系统是整个电厂安全运行控制的神经中枢,由安全级系统和非安全级系统两大部分组成。由于安全级系统用于核反应堆的控制,因此对其可靠性提出了非常严苛的要求。为了确保核电厂DCS安全级系统的可靠性满足设计要求,对其硬件设备采用实验的方法进行可靠性试验,对其软件设计采用IV&V的方法进行可靠性验证。

Architecting Fault Tolerance with Exception Handling: Verification and Validation

When building dependable systems by integrating untrusted software components that were not originally designed to interact with each other, it is likely the occurrence of architectural mismatches related to assumptions in their failure behaviour. These mismatches, if not prevented during system design, have to be tolerated during runtime. This paper presents an architectural abstraction based on exception handling for structuring fault-tolerant software systems. This abstraction comprises several components and connectors that promote an existing untrusted software element into an idealised fault-tolerant architectural element. Moreover, it is considered in the context of a rigorous software development approach based on formal methods for representing the structure and behaviour of the software architecture. The proposed approach relies on a formal specification and verification for analysing exception propagation, and verifying important dependability properties, such as deadlock freedom, and scenarios of architectural reconfiguration. The formal models are automatically generated using model transformation from UML diagrams： component diagram representing the system structure, and sequence diagrams representing the system behaviour. Finally, the formal models are also used for generating unit and integration test cases that are used for assessing the correctness of the source code. The feasibility of the proposed architectural approach was evaluated on an embedded critical case study.

Some notes on numerical investigation of three cavitation models through a verification and validation procedure

The present paper investigates the turbulent cavitating flow around the Clark-Y hydrofoil with special emphasis on the influence of cavitation models by verification and validation(V&V)method.RANS solver coupled with the three major cavitation models(i.e.,Zwart-Gerber-Belamri,Schnerr and Sauer and full cavitation model,which are abbreviated to ZGB model,SS model and FC model respectively)is employed in this paper.The results indicate that the three cavitation models can properly reproduce the cavitation evolutions.ZGB model and SS model give better prediction in the overall cavitation patterns.FC model exhibits an obvious under-estimation for the sheet cavity,and the predicted volume fraction is closely related to the turbulent flow.The verification and validation procedure is involved to quantitatively assess the accuracy of these three cavitation models.It is indicated that the V&V procedure is suitable for the unsteady cavitating flow.The errors estimate is robust and conservative within the cavitation region,while gets closer to zero in the no-cavitation region.In addition,ZGB model exhibits the highest overall accuracy among the three models,which further verifies its wide applicability.

Study of industrially applied methods for verification, validation and uncertainty quantification of simulator models

To better utilize the potential of system simulation models and simulators,industrially applicable methods for Verification,Validation and Uncertainty Quantification(VV&UQ)are crucial.This paper presents an exploratory case study of VV&UQ techniques applied on models integrated in aircraft system simulators at Saab Aeronautics and in driving simulators at the Swedish National Road and Transport Research Institute(VTI).Results show that a large number of Verification and Validation(V&V)techniques are applied,some of which are promising for further development and use in simulator credibility assessment.Regarding the application of UQ,a large gap between academia and this part of industry has been identified,and simplified methods are needed.The applicability of the NASA Credibility Assessment Scale(CAS)at the studied organizations is also evaluated and it can be concluded that the CAS is considered to be a usable tool for achieving a uniform level of V&V for all models included in a simulator,although its implementation at the studied organizations requires tailoring and coordination.

A new method of LES verification and validation for attached turbulent cavitating flow

The large eddy simulation(LES)is used to resolve the flow structure in the cavitating turbulent flow around the Clark-Y hydrofoil coupled with a homogeneous cavitation model.A new method is proposed in this paper to calculate the LES error of the time-averaged streamwise velocity for the LES verification and validation(V&V).From the instantaneous cavity patterns,it is demonstrated that the predicted results agree fairly well with the experimental data.With this new proposed method,the LES errors can be easily and effectively calculated with a limited mesh number,and the method might be used in the other applications of the LES V&V.Results of the LES errors obtained by the new method show that the relatively steady flow can be simulated with small errors,while the complex flow structures at the cavity shedding region might lead to an increase of errors in the LES modeling.In addition,the distributions of the resolved Reynolds stresses are used to estimate the influences of the cavitation on the turbulent fluctuations.Results indicate that the turbulent fluctuations for the cavitating flow are much larger in magnitude as compared to the cases without cavitation.

软件验证与确认技术和标准化研究

软件验证与确认是保证软件质量方面最有效手段之一,对于安全攸关软件的安全性、可靠性的质量提升效果显著,验证与确认两个概念也经常被混淆。从标准化角度对软件验证与确认的概念进行分析和对比,选取典型标准开展分析和阐述,以推动标准在软件生存周期的应用,促进软件质量提升。

核电仪控系统软件验证与确认的标准研究

V&V是系统工程的一个技术学科,其涵盖范围较为广泛,领域涉及软件项目管理、软件测试、软件质量评价等,一般会由政府机构或产业主管部门进行指导,需符合相关的法律法规。本文对美国、欧洲、中国的核电法规标准体系和核电V&V标准体系进行调研梳理和对比分析,并针对2021年国家核安全局发布的HAD102/10标准在仪控系统V&V领域的影响进行分析,最后对国内标准体系提出建议性意见。本文为进一步开展我国核安全级数字化仪控系统的软件验证与确认工作奠定了理论基础。

计算流体力学中的验证与确认

计算流体力学(CFD)在航空航天等诸多领域的应用越来越广泛．特别是近年来,CFD在实际飞行器的设计中扮演着越来越重要的角色,许多设计参数直接来源于CFD的计算结果．由此,飞行器设计师对CFD提供结果的可信度提出了更高的要求．验证(verification)与确认(validation)是评价数值解精度和可信度的主要手段．本文综述了国内外开展CFD验证与确认研究的进展．在引言中论述了开展CFD验证与确认的重要性和必要性,简述了国内外CFD验证与确认研究的历史和发展现状．第2节中讨论了CFD验证与确认的一些基本概念,以及这些概念定义的形成过程,并指出了进行CFD验证与确认的基本步骤．第3节和第4节分别讨论了CFD验证与确认的方法,如CFD验证中的精确解比较方法,制造解比较方法,网格收敛性研究;CFD确认中的层次结构,流动分类法,确认实验指南．在第5节中我们列举了几个CFD验证与确认的应用实例．最后,对我国开展CFD验证与确认研究工作提出了若干建议,包括:(1)开展流动分类法研究,(2)推行软件质量工程方法,(3)开展规范精细的实验,建立国内的网络数据库．

大型CFD软件自动化测试平台的初步设计与实现

针对大型通用CFD软件研制的需求,为了提升CFD软件的开发效率,初步设计与开发了一个CFD软件自动化测试平台。该平台基于MySQL数据库,通过前台界面和远程集群后台管理程序的网络信息交互,实现了自主研发的通用CFD软件平台(HyperFLOW)的自动测试及验证与确认。根据需要适当修改前置处理接口,该平台亦可推广应用于其他CFD软件的自动测试。本文重点介绍了平台的基本框架和总体设计思路、平台的数据库和前台管理GUI设计、网络交互和后台管理等,并利用典型算例对计算结果的验证与确认过程进行了简要介绍,最后对平台构建的后续工作进行了展望。