Data Collection, Organization and Timing Synchronization during

monitor performance and ensure continued operability, reliability, availability and effectiveness of the network to collect and communicate the data from automated physical protection subsystems.

6.31. The operator should establish procedures and schedules for the preventive maintenance of PPS network systems based on the type of equipment installed, the conditions under which the equipment operates and the maintenance history of the equipment.

6.32. The life cycle of PPS network components and systems should be managed to ensure that components are replaced before they fail due to ageing or obsolescence, taking account of manufacturers’ claimed or historically observed lifetimes. The following activities can facilitate recovery in case of unpredicted failures:

(a) Modular design to allow for rapid replacement and return to service.

(b) Frequent backup of the databases and system configuration.

(c) Documented recovery procedures to return the network to full operability after an outage.

(d) Availability of original or compatible spare parts and equipment. Changes in vendors and suppliers might need monitoring to ensure this availability.

7.3. This section provides guidance for evaluating technology needs or gaps in an existing PPS, identifying candidate technologies to address needs or gaps and evaluating them before procurement and implementation. A technology need or gap is a limitation in the currently implemented PPS or a lack of capability to address an existing or future need. Conceptually, the difference between current PPS technologies and new and emerging technologies is simply whether or not a given PPS technology is commonly used at nuclear facilities within a State.

7.4. A State or operator might develop a structured technology management framework to ensure that new and emerging PPS technologies are integrated with existing systems. The objective of such a framework is to identify and develop new and emerging security technologies and to ensure that they will be effective and reliable in the relevant environment, and available for use.

7.5. It is advisable that the management framework:

(a) Identify new and emerging threats and identify how they could affect the facility, and define any new or upgraded security measures needed;

(b) Identify research and development or new technologies that will help address emerging threats and common needs;

(c) Identify technologies that best address a defined need and have undergone sufficient tests and evaluations;

(d) Integrate PPS technologies at a nuclear facility to achieve overall system objectives;

(e) Ensure that the new technology is sufficiently mature for use at a nuclear facility.

7.6. A suggested framework for new and emerging technologies includes formalized processes for conducting needs assessment, tests and evaluation and technology deployment (see Fig. 40). Within the proposed framework, a needs assessment is used to identify areas where technology might address existing gaps or issues, and research and development that could support potential technologies to address future needs and threats. Candidate technologies are then screened to identify those that can be developed into or used in their current state as mature, viable solutions to defined needs. The final stage is to accept mature security technologies that are ready to be used in facilities as needed and that can be integrated with other security technologies.

NEEDS ASSESSMENT

7.7. A needs assessment is a systematic process used to determine needs, examine their nature and causes and set priorities for future action to address them (see Fig. 41). It focuses on the goals to be achieved rather than the means to achieve them. The goals might be influenced by many factors, such as changes in the threats, changes in regulatory requirements, changes in operations at a nuclear facility or a desire to increase effectiveness or efficiency of the PPS. The results are used to set priorities and to determine criteria for potential solutions to help decision makers reach sound decisions on how to best allocate available resources.

7.8. The first step in a needs assessment is determining the current state of the existing PPS and the current threat. Issues or concerns are identified from a number of sources, including from assessments or evaluations, from analyses of the performance of a PPS, or from changes in the threat, regulatory requirements or facility operations. Measurable indicators of need should be developed where possible. For example, existing sensors might have a tested sensing probability of 0.75, whereas the desired (or required) performance is a sensing probability of 0.80. Sources of data to analyse the issue in detail should also be identified.

Technology deployment

Use test and evalua�on results

• to:

o o

• o

Technologies

• Conduct R&D

•

•

•

• Use test and evalua�on results to:

o o o

Needs assessment

• Iden�fy needs or gaps o Emerging threats o Changing requirements o New technologies

• Iden�fy candidate exis�ng

•

Test and evalua�on

• Iden�fy candidate technologies

• Develop structured test plans

• Determine technology performance, applicability, and maturity

•

o Shelve technology for future o Integrate into procurement use

process for needs as they arise o Field the technology

FIG. 40. Proposed technology management framework.

7.9. Data are then gathered to analyse each identified issue. A gap analysis should be conducted to identify specific areas in any system that needs improvement, and thereby to identify gaps between the current state and the desired state. A causal analysis is a structured analysis to determine what led to the identified issue or gap to help to ensure that any solutions identified will address the actual cause of the issue and not just a symptom. For example, the sensor in the example above might have a low sensing probability due to limitations of the communication between the sensor and the alarm communication and display system and not due to the sensor hardware itself. Replacing the sensor in this case would not address the root cause of the issue.

7.10. The results of the needs assessment analysis phase are documented to provide information that decision makers can use to establish priorities, select strategies and develop specifications for PPS technologies that have the potential to meet the defined needs to be considered in the test and evaluation process.

TESTING AND EVALUATION

7.11. The purpose of testing and evaluation is to provide information to decision makers by verifying and validating performance requirements, assessing how well a technology meets those requirements, and determining whether systems are mature, operationally effective and suitable for the intended use. During the early phases of evaluation of a new technology, testing and evaluation are conducted to demonstrate the feasibility of conceptual approaches, evaluate design risks, identify design alternatives, compare and analyse trade‑offs, and estimate the feasibility of meeting operational requirements. As a new technology undergoes design and development, the iterative process of testing gradually moves from

MAKE DECISIONS MAKE DECISIONS ANALYZE DATA

ANALYZE DATA CURRENT STATE

CURRENT STATE

• Gather data on needs

• Gap analysis

• Casual analysis

• Set Priori�es

• Select solu�on strategies

• Develop system specifica�ons

• Iden�fy issues or concerns

• Determine measurable indicators

• Iden�fy data sources

MAKE DECISIONS ANALYZE DATA

CURRENT STATE

• Gather data on needs

• Gap analysis

• Casual analysis

• Set Priori�es

• Select solu�on strategies

• Develop system specifica�ons

• Iden�fy issues or concerns

• Determine measurable indicators

• Iden�fy data sources

MAKE DECISIONS ANALYSE DATA

CURRENT STATE

• Gather data on needs

• Gap analysis

• Causal analysis

• Set priori�es

• Select solu�on strategies

• Develop system specifica�ons

• Iden�fy issues or concerns

• Determine measurable indicators

• Iden�fy data sources

FIG. 41. Needs assessment process.

design testing and evaluation, which is chiefly concerned with the attainment of engineering design goals and the verification of technical specifications, to operational testing and evaluation, which focuses on questions of operational effectiveness and suitability to address a defined need.

7.12. Formalized testing and evaluation processes have been developed for hardware, but the processes also need to be applied and adapted to provide effective testing of software. In both cases, the testing and evaluation process needs to be thorough, logical, systematic and iterative, with early testing followed by feedback of well documented and unbiased test and evaluation results to system developers, users and decision makers.

7.13. Most testing and evaluation processes can be summarized in four major steps:

(1) Developing test objectives.

(2) Developing a pre‑test plan (including expected results from the tests).

(3) Conducting tests, including:

(i) Developing detailed test plans;

(ii) Gathering test data;

(iii) Analysing test data;

(iv) Documenting test results.

(4) Conducting and documenting post‑test evaluation.

7.14. Test objectives are developed based on the results of the needs analysis and might relate to factors such as performance specifications, user needs, environmental or operational requirements, human interface requirements, mean time between failures, ability to integrate with other systems and ease of maintenance.

7.15. Pre‑test analysis of the evaluation objectives is used to determine the types and quantities of data needed, the results expected from the tests and the analytical tools needed to conduct the tests and evaluations. Consideration can also be given during the pre‑test analysis to how to design test scenarios, how to set up the test environment, how to record the tests, what resources are needed, the best sequence for the tests and how to estimate test outcomes.

7.16. Conducting the tests involves developing specific test plans, performing the tests, gathering and analysing data and documenting the test results. The tests should be planned and conducted to provide sufficient data to support analysis.

The data should then be reviewed for completeness, accuracy and validity before being used for the final step in the process.

7.17. The final step in the process is post‑test evaluation, which is the comparison of the measured outcomes (the test data) with the expected outcomes, evaluating the data and applying technical and operational judgement. When the measured outcomes differ from the expected outcomes, the test conditions and procedures should be re‑examined to determine whether the performance deviations are real or the result of test conditions. Such deviations might result from inaccurate computer simulations [2], deficiencies in the test equipment or conditions, instrumentation errors or errors in the testing processes. Parameters studied to represent the operational environment, systems performance and logistics support should be carefully chosen, fully described and documented before testing.

Modelling and simulation can be used during the data analysis to support the evaluation of performance, effectiveness and suitability.

TECHNOLOGY DEPLOYMENT

7.18. Technology deployment is the process of adding a new or improved technology to an existing system. The aim is to deploy the technology consistent with security requirements within a reasonable time and at the lowest cost. The goals of technology deployment are:

(a) To use the best technology available from all sources, as applicable;

(b) To deploy the technology rapidly after selection;

(c) To refresh the technology, as needed, to maintain an effective PPS throughout the life of the system.

7.19. Technology deployment addresses the following objectives:

(a) To improve and refresh an existing PPS as needed;

(b) To maintain functionality of systems or components of a PPS by updating technologies to prevent obsolescence in an existing system;

(c) To enhance the functionality of systems or components of a PPS by upgrading a technology or adding new technology to enhance the capability of the existing PPS.