Digital procurement is nothing to be afraid of. Programmable components are creeping (sometimes unexpectedly) into many devices used by the nuclear industry. It is time for the industry to embrace this technology. To help, here are some pointers for your consideration. Presented by Andrew Nack, PE, Senior Instrumentation & Controls Engineer, ATC Nuclear, on Feb. 10 at the EPRI Procurement Forum in Williamsburg, VA.

1. Digital Procurement
Considerations
Andrew Nack, PE
Senior Instrumentation & Controls Engineer
Feb 2015
JUTG

2. 2
Overview
 Programmable Digital Devices
(PDDs)
 Embedded Digital Services
(EDDs)
 Electro-Magnetic Compatibility
(EMC)
 Cyber Security

3. 3
Safety-Related
Programmable Digital Devices
Manufactured Under A 10CFR50 App B QA
Program
 Technical Requirements: IEEE 7-4.3.2
o Verification & Validation (IEEE 1012)
 Limited Selection and Availability
Commercial Off The Shelf (COTS)
 Technical Requirements: IEEE 7-4.3.2
o Verification & Validation (IEEE 1012) – Very Unlikely
 Unlike with non-programmable COTS devices, the development life cycle
activities are evaluated during Commercial Grade Dedication
 Built-in Quality & Critical Digital Reviews (CDRs)
EPRI TR-106439 and 1011710

4. 4
Important to Safety
Programmable Digital Devices
Important to Safety (ITS)
Risk Significant
Augmented Quality
What does Augmented Quality mean in terms of Requirements?
 IEEE Nuclear Power Engineering Committee (NPEC)
o Working Group 6.6: IEEE P1891 (projected for publishing in 2017)
 Apply a graded approach of IEEE 7-4.3.2:
o What level of rigor in Life Cycle Development (includes V&V) investigation is
appropriate?
o What level of hazard analysis is appropriate?
o What elements of CGD style Acceptance Testing are appropriate?

5. 5
Embedded Digital Devices
NRC Regulatory Issues Summary 2013-####
 Heighten Awareness Of Embedded Digital Devices existing within procured
safety systems/components that have not been explicitly identified
 Increased use of embedded digital devices may increase vulnerability to:
o common cause failure
o challenge equipment electromagnetic compatibility
o degraded equipment reliability
 Recent NRC Workshop - October 2014
http://pbadupws.nrc.gov/docs/ML1428/ML14281A546.html
 Lesson Learned: During procurement, ask the vendor if there are embedded
digital devices
Examples: Circuit Breakers, Actuators, Pumps, Time-delay Relays

6. 6
Embedded Digital Devices
How Should IEEE 7-4.3.2 be Applied to Devices
That Utilizes EDDs to Perform Simple
Functions?
 Mainly COTS items
 Measure of Functionally Simple vs.
Complex
 Measure of Testability to prove
Deterministic Behavior
 What level of rigor in Life Cycle
Development (includes V&V) investigation
is appropriate?
 What level of hazard analysis is appropriate?

7. Electro-Magnetic Compatibility
(EMC) Qualification
What Information is Necessary to be Provided by the Utility
to the Vendor?
Is This “One Size Fits All” PO Requirement Sufficient?
“EMI/RFI Qualified in Accordance With EPRI TR-102323”
 What are the Functional Requirements?
 What is the Acceptance Criteria?
 Which tests are needed?
 High Frequency Radiated Emissions
 Low Frequency Radiated Emissions
 High Frequency Conducted Emissions
 Low Frequency Conducted Emissions
 High Frequency Radiated Susceptibility
 Low Frequency Radiated Susceptibility
7
 High Frequency Conducted Susceptibility
 Low Frequency Conducted Susceptibility
 Electrically Fast Transient Susceptibility
 Combination Wave Surge Susceptibility
 Ring Wave Surge Susceptibility
 Electrostatic Discharge Susceptibility

8. Electromagnetic Compatibility
(EMC) Qualification
See EPRI 3002000528 (Revision 4 of TR-102323)
Appendix K (Procurement Specification Guidance)
Testing Details are Device and Application
Dependent
 How much EUT Output Signal Error is acceptable?
 What type of Cabling is planned to be used?
 Proximity of Equipment Under Test (EUT) to Low Frequency
Emitters?
 Is Electro-Static Discharge (ESD) a concern?
 …
8

9. 9
Cyber Security
Don’t Ask Vendors to Comply With General Industry
Documents
 NIST 800-53, NEI 08-09, 10CFR 73.54, US NRC RG 5.71, NERC-CIP
 Requirements for Utilities to develop their own Program Requirements &
Methodologies
 No Cyber Security Standard is a “One Size Fits All” PO requirement
Vendors Can Work With Utilities by Following Guidance:
 EPRI 1025824 Cyber Security (CS) Procurement Methodology
 EPRI 3002001735 CS Methodology Application Example 1:
Digital Valve Controller
 EPRI 3002001823 CS Methodology Application Example 2:
Feedpump Turbine Speed Control
 EPRI 3002002069 CS Methodology Application Example 3:
Digital Feedwater Control

10. Digital Procurement
Conclusions
10
Augmented Quality Requirements Are Being Defined
EMC Qualification PO Requirements—
One Size Does Not Fit All
Cyber Security PO Requirements—
One Size Does Not Fit All

11. 11
About ATC Nuclear
For over 20 years ATC Nuclear has been providing an unmatched level of
commitment as a turnkey resource for our customers’ supply chain needs. Dedicated
to quality, safety, and reliability, ATC Nuclear takes pride in delivering premium
products to our clients by utilizing our superior technical expertise.
Request More Information Now
Are you interested in finding out how ATC Nuclear can work with your company? We
provide commercial grade dedication, seismic and environmental testing, investment
recovery, sourcing, obsolete parts, and more.
http://www.argoturbo.com/Nuclear