Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants

AGENCY:

Nuclear Regulatory Commission.

ACTION:

Revision to regulatory guide; issuance.

SUMMARY:

The U.S. Nuclear Regulatory Commission (NRC) is issuing a revised regulatory guide (RG), revision 2 of RG 1.168, “Verification, Validation, Reviews, and Audits for Digital Computer Software Used in Safety Systems of Nuclear Power Plants.” This guide endorses, with clarifications and exceptions, the Institute of Electrical and Electronic Engineers (IEEE) Standard 1012-2004, “IEEE Standard for Software Verification and Validation,” and IEEE Std. 1028-2008, “IEEE Standard for Software Reviews and Audits.” These two IEEE standards describe methods acceptable to the NRC staff for demonstrating compliance with the NRC's regulations for design verification and control of software used in the safety systems of a nuclear power plant.

ADDRESSES:

Please refer to Docket ID NRC-2012-0195 when contacting the NRC about the availability of information regarding this document. You may access information related to this document, which the NRC possesses and is publicly available, using the following methods:

• Federal Rulemaking Web site: Go to http://www.regulations.gov and search for Docket ID NRC-2012-0195. Address questions about NRC dockets to Carol Gallagher; telephone: 301-287-3422; email: Carol.Gallagher@nrc.gov.
• NRC's Agencywide Documents Access and Management System (ADAMS): You may access publicly available documents online in the NRC Library at http://www.nrc.gov/reading-rm/adams.html. To begin the search, select “ADAMS Public Documents” and then select “Begin Web-based ADAMS Search.” For problems with ADAMS, please contact the NRC's Public Document Room (PDR) reference staff at 1-800-397-4209, 301-415-4737, or by email to pdr.resource@nrc.gov. The ADAMS accession number for each document referenced in this notice (if that document is available in ADAMS) is provided the first time that a document is referenced. Revision 2 of RG 1.168 is available in ADAMS under Accession No. ML13073A210. The regulatory analysis may be found in ADAMS under Accession No. ML103160461.
• NRC's PDR: You may examine and purchase copies of public documents at the NRC's PDR, Room O1-F21, One White Flint North, 11555 Rockville Pike, Rockville, Maryland 20852.

Regulatory guides are not copyrighted, and NRC approval is not required to reproduce them.

FOR FURTHER INFORMATION CONTACT:

Mark Orr, Division of Engineering, Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, telephone: 301-251-7495; email: Mark.Orr@NRC.gov.

SUPPLEMENTARY INFORMATION:

I. Introduction

The NRC is issuing a revision to an existing guide in the NRC's “Regulatory Guide” series. This series was developed to describe and make available to the public information such as methods that are acceptable to the NRC staff for implementing specific parts of the NRC's regulations, techniques that the staff uses in evaluating specific problems or postulated accidents, and data that the staff needs in its review of applications for permits and licenses.

II. Further Information

Revision 2 of RG 1.168 was issued with a temporary identification as Draft Regulatory Guide, DG-1267 on August 22, 2012 (77 FR 50723) for a 60-day public comment period. The public comment period closed on November 23, 2012. Multiple public comments were received and addressed by the NRC staff. These comments and the NRC staff responses are available in ADAMS under Accession number ML13073A208.

Revision 2 of RG 1.168 endorses, with clarifications and exceptions, the consensus practices for complying with NRC regulations promoting the development of, and compliance with, a software lifecycle program for software used in safety systems in nuclear power plants described in the Institute of Electrical and Electronic Engineers (IEEE) Standard 1012-2004, “IEEE Standard for Software Verification and Validation,” and IEEE Std. 1028-2008, “IEEE Standard for Software Reviews and Audits.” These two IEEE standards describe methods acceptable to the NRC staff for demonstrating compliance with the NRC's regulations for verification, validation, and design control of software used in safety systems of a nuclear power plant. In particular, the methods are consistent with part 50 of Title 10 of the Code of Federal Regulations (10 CFR), “Domestic Licensing of Production and Utilization Facilities,” Appendix A, “General Design Criteria for Nuclear Power Plants,” General Design Criterion (GDC) 1, “Quality Standards and Records,” which requires, in part, that a quality assurance program be established and implemented to provide adequate assurance that systems and components important to safety will satisfactorily perform their safety functions.

Revision 2 of RG 1.168 supersedes Revision 1 of RG 1.168 and represents the NRC staff's guidance for future users and guidance. Earlier versions of this RG, however, continue to be acceptable for those licensees whose licensing basis includes earlier versions of this RG, absent a licensee-initiated change to its licensing basis. Additional information on the staff's use of this revised RG with respect to both current and future users and applications is set forth in the “Implementation” section of the revised RG.

This RG is one of six revised RGs addressing computer software development and use in safety related systems of nuclear power plants. These RGs were developed by the Office of Nuclear Regulatory Research, Division of Engineering (RES/DE) with the assistance of multiple individuals in the Office of New Reactors, Division of Engineering (NRO/DE); Office Nuclear Reactor Regulation, Division of Engineering (NRR/DE); and the Office of Nuclear Security and Incident Response, Division of Security Policy (NSIR/DSP). The six interrelated RGs are:

1. Revision 2 of RG 1.168, “Verification, Validation, Reviews, and Audits for Digital Computer Software used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG-1267. The package for Rev. 2 of RG 1.168 is in ADAMS at Accession No. ML12236A132.

2. Revision 1 of RG 1.169, “Configuration Management Plans for Digital Computer Software used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG-1206. The package for Rev. 1 of RG 1.169 is in ADAMS at Accession No. ML12354A524.

3. Revision 1 of RG 1.170, “Test Documentation for Digital Computer Software used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG1207. The package for Rev. 1 of RG 1.170 is in ADAMS at Accession No. ML12354A531.

4. Revision 1 of RG 1.171, “Software Unit Testing for Digital Computer Software Used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG1208. The package for Rev. 1 of RG 1.171 is in ADAMS at Accession No. ML12354A534.

5. Revision 1 of RG 1.172, “Software Requirements Specifications for Digital Computer Software used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG-1209. The package for Rev. 1 of RG 1.172 is in ADAMS at Accession No. ML12354A538.

6. Revision 1 of RG 1.173, “Developing Software Life Cycle Processes for Digital Computer Software used in Safety Systems of Nuclear Power Plants,” issued for public comment as DG-1210. The package for Rev. 1 of RG 1.173 is in ADAMS at Accession No. ML13008A338.

III. Backfitting and Issue Finality

Issuance of this revised RG does not constitute backfitting as defined in 10 CFR 50.109 (the Backfit Rule) and is not otherwise inconsistent with the issue finality provisions in 10 CFR part 52. As discussed in the “Implementation” section of this RG, the NRC has no current intention to impose this RG on holders of current operating licenses, early site permits or combined licenses, unless this final RG is part of the licensing basis for the facility. The NRC may apply this revised RG to applications for operating licenses, early site permits and combined licenses docketed by the NRC as of the date of issuance of the final RG, as well as to future applications for operating licenses, early site permits and combined licenses submitted after the issuance of the RG. Such action does not constitute backfitting as defined in 10 CFR 50.109(a)(1) and is not otherwise inconsistent with the applicable issue finality provision in 10 CFR part 52, inasmuch as such applicants or potential applicants are not within the scope of entities protected by the Backfit Rule or the relevant issue finality provisions in part 52.

IV. Congressional Review Act

This RG is a rule as designated in the Congressional Review Act (5 U.S.C. 801-808). However, the Office of Management and Budget (OMB) has not found it to be a major rule as designated in the Congressional Review Act.