Graded Configuration Management at JLab

This presentation discusses the graded approach to configuration management (CM) at JLab, including the use of multi-level systems and the challenges encountered in distinguishing between different CM levels.


Presentation Transcript


  1. Graded Configuration Management at JLab
     This is a follow-on presentation to “Safety Configuration Management Process at JLab”, presented by Harry Fanning at ASW 2017, held at Jefferson Lab.
     Notice: Authored by Jefferson Science Associates, LLC under U.S. DOE Contract No. DE-AC05-06OR23177.

  2. Graded Configuration Management at JLab, cont’d.
     • Harry Fanning discussed Safety Configuration Management Process at JLab at ASW 2017
     • JLab uses a “Graded Approach…to assess the complexity, safety risk, expense, and level of maintenance required for the system or software/firmware being designed”
     • Process is flexible, integrated into USI process, part of CAS
     • Takes the form of multi-level system for Configuration Management (CM)
     • Level 1 CM Systems - Critical to mission/operation, high safety impact, operational and maintenance information at hand – have the highest level of CM, includes
       • Systems which are determined to be critical to protect workers, users, contractors, the public and the environment and as outlined in the lab’s Final Safety Assessment Document (FSAD).
       • Active and Passive Engineered, Administrative Credited Controls in the ASE are Level 1 CM Systems

  3. Graded Configuration Management at JLab, cont’d.
     • An interesting situation occurred: we discovered an inoperable vent fan in an area with potential oxygen deficiency hazard (ODH) conditions
     • The vent fan is NOT a Credited Control in the ASE; absence or presence of ventilation changes the time constant over which an ODH condition can occur but does not mitigate the condition
     • There IS a Credited Control - an ODH monitoring system – fully functioning, calibrated, etc. in that area
     • We asked the bigger question:
       • Do we have any components or systems that are not Credited Controls (not associated with accelerator ops and not in the ASE) but are providing protection similar to that of Credited Controls?
     • And, if we do…
       • Do we have consistent CM requirements for all systems and components that have similar safety functions, regardless of their application or location?

  4. Graded Configuration Management at JLab, cont’d.
     • We conducted an inventory of components and systems that appeared to have safety related functions but are not classified as Credited Controls
       • ~ 16 systems/components providing personnel protection functions
       • ~ 11 systems/components providing “defense-in-depth” functions
     • With this information, we asked:
       • What ought the configuration management be for “non-credited” systems and components that have “safety function” similar to Credited Controls?
       • What about systems that have “safety functions” but are not providing protection at the level of Credited Controls?
       • How do we distinguish these systems?
     • We chose the obvious answer: try a graded approach based on the COEM
       • Apply COEM and see which systems ended up as level 1, 2, 3 etc.

  5. Graded Configuration Management at JLab, cont’d.
     • Initial results: we found what we expected - several additional Level 1 CM systems and components in non-accelerator systems
       • Systems that monitor for oxygen deficiency
       • Engineered systems that prevent hazardous energy delivery
     • Perfect opportunity to review the graded application process separating Level 1 and 2 CM systems and components
     • Results didn’t pass the “gut check”
       • We captured a large number of systems and components into Level 2 CM that didn’t seem to belong
       • Sorting algorithm had insufficient resolving power to distinguish clearly between some Level 1 and 2 CM and some Level 2 and 3 CM systems and components
       • Requirements at each CM level were unbalanced
       • We had virtually no systems and components in Level 3 CM

  6. Graded Configuration Management at JLab, cont’d.
     • Worked with Engineering Division to revise (calibrate) the COEM grading process using the aforementioned inventory of systems and components and then to reapply it
     • After several iterations, the sort on systems and components made more sense
     • Engineering Division published a COEM revision that
       • Provided better delineation between CM Levels
       • Reasonable distribution of requirements based on level of safety
     • Lists of Level 1 and Level 2 systems and components provided to system owners and subject matter experts for fact-check
     • Effort is underway to assess resources necessary for prioritized response:
       • Level of effort to provide necessary documentation for new Level 1 CM systems and components
       • Level of effort to assure Level 1 CM systems and component configuration is managed

  7. Graded Configuration Management at JLab, cont’d.

  8. Graded Configuration Management at JLab, cont’d.

  9. Graded Configuration Management at JLab, cont’d.
     • Level of effort assessment involves several groups
       • Engineering groups including Safety Systems Group to help with performance specification document development for Level 1 CM
       • Software group developing tool to track and manage Level 1 and Level 2 CM systems, documentation, and system status
     • Initial results
       • Much of the information required for these existing systems and components that are now captured to Level 1 CM is there
       • The difficulty will be finding it, fixing the contents, formatting…
       • Some information will have to be developed from scratch
     • Anticipated outcomes
       • All Level 1 CM systems/components will have consistent, high quality documentation, performance specification, maintenance and calibration, change management processes, etc.
       • All Level 1 and all Level 2 CM (defense-in-depth) systems documentation and management will use a software driven tool to assist system owners in meeting specifications

  10. Summary
     • Effort underway to normalize CM requirements for all systems that protect people
       • No change in requirements for accelerator Credited Controls
       • Increased requirements for non-accelerator systems
       • Better definition for requirements that are “defense-in-depth”
     • Overall quality of CM improved for people protection!
     Bob May, may@jlab.org
