Design control is the program that governs how nuclear engineering design is developed, verified, and changed. NQA-1 Requirement 3 and 10 CFR 50 Appendix B Criterion III establish the requirements. The core principle is that requirements flow in at the design input stage and the final design must demonstrably satisfy those inputs. Verification, performed by methods other than those used in the original design, must confirm this before the design is released for procurement or construction. Unverified designs and undocumented changes to approved designs are among the most consequential quality failures in the nuclear supply chain.

01

Design inputs

Design inputs are the requirements that the design must satisfy: applicable codes and standards, regulatory requirements, functional requirements, environmental conditions (temperature, pressure, radiation, seismic), interface requirements from adjacent systems, and any site-specific conditions. Design inputs must be identified, documented, and reviewed for adequacy before design work begins. Starting design work before inputs are fully defined leads to rework when gaps are discovered later, or worse, to designs that embed assumptions that prove to be incorrect.

Incomplete design inputs are particularly problematic at organisational interfaces, when one party's output becomes another's input. A supplier receiving a purchase order with incomplete or ambiguous requirements cannot be expected to produce a design that satisfies unspecified needs. Procurement documents should specify design inputs completely, including the applicable revision of every referenced code and standard. Changes to design inputs after design work has begun require formal change control and re-evaluation of completed design work affected by the change.

02

Design verification

NQA-1 Requirement 3 requires that designs be verified by personnel other than those who performed the original design. Verification methods include: design review, alternate calculation, qualification testing, and comparison to a reference design or established standard. The method must be appropriate to the significance and complexity of the design activity, a design review of a straightforward dimensional calculation is appropriate; an alternate calculation performed independently is required for a safety-critical structural analysis.

Verification must check that the design correctly translates inputs into outputs, not merely that the calculation mechanics are correct. A calculation that correctly solves the wrong problem does not constitute adequate verification. The verifier must assess whether the inputs used are the correct and current ones, whether the methodology is appropriate to the problem, whether the acceptance criteria are correct, and whether the result satisfies the stated requirements.

Independence requirement: The independence requirement for design verification is substantive, not merely organisational. Re-performing a calculation using the same method as the original designer does not constitute independent verification if it cannot detect input or methodology errors. The verifier must bring genuinely independent technical judgement to the review.

03

Interface control

Complex nuclear projects involve multiple design organisations working on interconnected systems. Design interface control is the process of identifying, documenting, and managing the technical boundaries between these organisations: what information crosses each interface, in what form, under what revision control, and with what mutual agreement on the values used. Interface control documents (ICDs) or similar formal mechanisms capture these agreements.

When interface requirements change, a revised seismic input, a changed pipe routing, a modified support location, the change must be communicated to all affected parties and downstream designs re-evaluated for impact. Interface failures, where assumptions made by one designer are inconsistent with the actual outputs from another, are a recurring source of design errors in complex projects. They are most likely to occur when interfaces are managed informally, when scope changes are communicated verbally rather than through controlled documents, or when the interface management process does not require explicit confirmation from the downstream party that they have received and accepted revised inputs.

04

Design changes and change control

Changes to approved designs must be controlled with the same rigour as the original design. This means new or revised design inputs must be identified, the change must be verified, and the impact on related design elements, previously completed analyses, interface agreements, qualification bases, procurement documents, must be evaluated. The change must be approved before implementation, and the approval must be documented at an appropriate authority level.

Unauthorised design changes, field modifications that bypass the formal change control process, are a significant regulatory concern. Even apparently minor field changes can affect the design basis if they alter loads, clearances, materials, or functional characteristics. In US-licensed facilities, changes that have the potential to affect the safety analysis must be evaluated under 10 CFR 50.59 before implementation; changes that require prior NRC approval cannot be made under 50.59 without that approval. An inadequate 50.59 evaluation, concluding that no prior approval is needed when one is actually required, is one of the more serious regulatory findings in nuclear operations.

Forged Operations enforces design control workflows, linking design inputs to verification evidence, tracking change orders through approval chains, and flagging interface impacts when upstream designs are revised. AI surfaces unverified design outputs before they reach procurement or construction.

Book a demo Learn more →

Related terms

Configuration Management Procurement & Supplier QA NQA-1 10 CFR 50 Appendix B

References

  1. American Society of Mechanical Engineers. ASME NQA-1-2022: Quality Assurance Requirements for Nuclear Facility Applications, Requirement 3 — Design Control. New York: ASME, 2022.
  2. U.S. Nuclear Regulatory Commission. "Criterion III — Design Control." Code of Federal Regulations, 10 CFR 50 Appendix B. Washington, D.C.: NRC.
  3. U.S. Nuclear Regulatory Commission. 10 CFR 50.59 — Changes, Tests, and Experiments. Washington, D.C.: NRC.
  4. CSA Group. CSA N286:12(R2018): Management System Requirements for Nuclear Facilities, Clause 7.3 — Design and Development. Toronto: CSA Group, 2018.