Software safety analysis of digital protection system requirements using a qualitative formal method

Jang Soo Lee, Kee Choon Kwon, Sung Deok Cha

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


The safety analysis of requirements is a key problem area in the development of software for the digital protection systems of a nuclear power plant. When specifying requirements for software of the digital protection systems and conducting safety analysis, engineers find that requirements are often known only in qualitative terms and that existing fault-tree analysis techniques provide little guidance on formulating and evaluating potential failure modes. A framework for the requirements engineering process is proposed that consists of a qualitative method for requirements specification, called the qualitative formal method (QFM), and a safety analysis method for the requirements based on causality information, called the causal requirements safety analysis (CRSA). CRSA is a technique that qualitatively evaluates causal relationships between software faults and physical hazards. This technique, extending the qualitative formal method process and utilizing information captured in the state trajectory, provides specific guidelines on how to identify failure modes and the relationship among them. The QFM and CRSA processes are described using shutdown system 2 of the Wolsong nuclear power plants as the digital protection system example.

Original languageEnglish
Pages (from-to)227-239
Number of pages13
JournalNuclear Technology
Issue number2
Publication statusPublished - 2004 Aug
Externally publishedYes


  • Formal method
  • Safety analysis
  • Software requirements

ASJC Scopus subject areas

  • Nuclear and High Energy Physics
  • Nuclear Energy and Engineering
  • Condensed Matter Physics


Dive into the research topics of 'Software safety analysis of digital protection system requirements using a qualitative formal method'. Together they form a unique fingerprint.

Cite this