Instrumentation and Control

DOE-STD-3024-98

Examples of requirements are the length of time the

computer hardware and software. The topics

system must be capable of performing its function(s)

addressed in section 3.3.6 should be those unique to

following the loss of normal utility power, and fail-

computer hardware and software. Examples of such

safe states that equipment must assume upon loss of

types of requirements include: sample rates, real-

power.

Another example is power quality

time performance, data communications, and

requirements. For example, a component that is

provisions for backing up programs and data.

critical to the proper functioning of a safety system

may be sensitive to voltage or frequency

If there are requirements on the design and

perturbations and thus have a power quality

development process for computer hardware and

requirement that the component receive regulated

software aspects of the system being described (for

power from an uninterruptible power supply with

example, verification and validation, or qualitative

specific output parameters, such as between 118.5

reliability goals), they should be described in this

and 121.5 Vac and between 59 and 61 Hz at the

section of the SDD. Key design documentation

input terminal of the device.

(such as the Software Requirements Specification)

should be referenced.

3.3.5 Instrumentation and Control

Note: The performance of digital

systems over the entire range of input

This subsection shall identify those instrumentation

conditions cannot be inferred from

and control engineering requirements (and their

testing a limited sample of input

bases) related to the system being described. This

conditions. Therefore, the design

subsection is focused primarily on hardware

qualification for digital systems is

controls; computer hardware and software controls

often based on requirements for

are addressed separately in a later section.

employing a high-quality development

process that incorporates disciplined

This section of the SDD shall include requirements

specification and implementation of

for manual and automatic actions for system

design requirements.

initiation and control, indicators, alarms, and

manual controls that are used to operate the system.

If diverse or defense-in-depth features are provided

This section shall identify required ranges and

as backup to protect against hardware or software

accuracies.

features, these features should be identified in this

section of the SDD.

This section shall distinctively identify

instrumentation that either is (or will be) directly

Note: Software and hardware are

subject to TSR requirements or provides

often shared to provide multiple

information to verify compliance with TSRs. This

functions to a greater degree than is

section of the SDD shall identify the required

typical for analog systems. Although

nominal values of the setpoints associated with the

this sharing is the basis for many of

system and ranges of acceptable setpoint values.

the advantages of digital systems, it

The basis information shall explain any limitations,

also presents the potential for common

either administrative, design, and limits important to

mode failures (or common cause

safety, that may exist on the system or its

failures) that might defeat the

components.

redundancy provided within the

hardware and software. Sometimes

3.3.6 Computer Hardware and Software

diverse or defense-in-depth features

that are not susceptible to the effects of

This subsection shall identify those computer

such failures are provided to ensure

hardware and software engineering requirements

that their consequences are tolerable.

(and their bases) related to the system being

For example, the automatic computer

described. Many of the instrumentation and control

monitoring and alarming for certain

topics discussed in section 3.3.5 are also relevant to

Page 12