Add to collection(s) Add to saved
  1. No category

TIW-PPT-10-Risk Assessment aer

advertisement 
Risk Assessment and
Probabilistic Risk Assessment
(PRA)
Mario. H. Fontana PhD.,PE
Research Professor
Arthur E. Ruggles PhD
Professor
The University of Tennessee
1
Definition of Risk
• Risk = Probability of occurrence x
consequences. We will focus on Core
Damage, or Large Early Release as
consequences.
• PRA models are normally consequence
specific.
2
Total Risk = Σpici
Total risk would include releases,
core damage, and others.
3
Probability
• Probability is a way to predict stochastic events
• Common events: probability fairly well known.
(e.g., MOCV failure rate, lots of data)
• Rare events: Less well known. Much less data.
• New Systems and Components: No data…
4
Consequences
• Conseqences from nuclear reactor
accidents could be
– damage to plant
– Impact to environment
– Loss of land use
– Cost of evacuations, sheltering, etc
– Health (morbidity) effects
– Life threatening effects
5
Fault Trees
• Fault trees are used to determine the
probability of a “top event” (e.g., core
damage).
• Top event defines the failure or success of
a system or component
• Fault tees use a structure of logical
operations to calculate the probability of
the top event as a result of “basic events”
inputs
6
Fault Trees (2)
• The undesired event is stated at the top of
the tree
• The fault tree gates specify logical
combinations of basic events that lead to
the top event
• Fault trees can be used to identify system
weaknesses
7
Fault Trees (3)
• Fault trees can help recognize
interrelationships between fault events
• Fault trees consist of logic gates and basic
events as inputs to the logic gates
• Logic Gates: Boolean operations (union or
intersection) of the input events
• Basic Events: Faults such as a hardware
failure, human error, or adverse condition
8
AND Gate
• Event 6 and event 7 must occur to “pass” the
gate. P(Q) =P(A)*P(B)
9
Amplifier Failure Mode Probabilities, NUREG 0492
10
Probabilities add for the OR gate, since either input, or both, will
pass failure through. P(Q)=P(A)+P(B)
11
Basic event
• Basic events provide input to the fault tree,
such as failure of a component or system,
expressed as a probability. The circle
indicates that no further development is
necssary
Basic event
1
1.000E-2
EVENT-1
Basic event
2
1.000E-2
EVENT-2
12
Additional Gates (SAPHIRE)
ADDITIONAL GATES
--E--
2
3
GATE-7-0
N/M Gate (2 out of 3)
EVENT-7-1
EVENT-7-1
INHIBIT Gate
ADDNL-GATES-&-SYMBOLS - Additional gates & symbols
8
TRANS-7-2
TRANSFER Gate
--E-EVENT-7-3
HOUSE Event
--E-EVENT-7-4
UNDEVELOPED Event
2007/09/19
Page 7
13
Steps to building a fault tree
• Identify a top event as a failure to perform
a function (system, component, or human
failure, for example)
• Identify events that could contribute to
failure of the top event (usually logic
gates)
• Identify further “lower level” events that
could contribute to the intermediate event
14
Steps to building a fault tree (2)
• Continue until reach basic events, which
comprise inputs (such as component
failures) to the tree
• Saphire then will perform the calculations
15
Outputs from Saphire calculations
• Calculate failure probability of top event
• Calculate failure probability of intermediate
events
• Identify cut sets
– Cut set is a sequence of events that proceed
from the basic event to the top event in an
unbroken sequence
– Minimal cut sets are cut sets that contain
minimal number of events that are not
contained in other cut sets.
16
Outputs from Saphire calculation
(2)
• Provide importance factors that indicate
relative importance of Basic events
• e.g, RIR, Risk increase ratio: Ratio of top
event failure probability with a given Basic
event failure probability set to 1
(“guaranteed failure”) and the rest
remaining at their baseline value.
• There are several other measures that will
be discussed later(See Saphire)
17
Outputs from Saphire calculation
(3)
• Calculate uncertainty of top event failure
probability given uncertainty distributions
of the basic events.
• Usually calculations are done with point
probability values (no distribution) but
others can be done with different inputs
– Normal, log normal, uniform, histogram, many
others
18
Cut Sets
• A cut set is the path by which one or more basic
events lead to the top event.
• For example,
– a one element cut set identifies where failure of one
basic event causes failure of the top event
– a two element cut set shows how failure of two basic
events cause failure of the top event
• Obviously, one element cut sets should be
avoided. (Like one bolt holding on a wing of an
airplane – one failure causes one disaster.)
19
Cut sets (2)
• Minimal cut sets are the smallest set of
events that can cause failure of the top
event. Cut sets that contain events
already contained in a smaller set are
discarded. What’s left are minimal cut
sets.
20
Larger Model
Engine fails
to start
CLASS-DEMO
Internal fuel
pump damage
1.000E-2
EVENT-F.4
Fuel supply
fails
Ignition fails
Starter inoperable
GATE-F.1
GATE-IG-1
GATE-S.1
No gas in tank
Fuel injection
failure
Battery fails
GATE-F.2
EVENT-IG.1
1.000E-2
1.000E-2
EVENT-F.7
Battery fails
1.000E-2
Spark plug wire
no 3 fails
GATE-F.3
EVENT-IG-5
1.000E-2
Gasoline not
free of gunk
1.000E-2
EVENT-F.5
2
EVENT-IG.2
Fuel injectors
fouled
1.000E-2
EVENT-IG.1
Spark plugs
wires or plugs
failed
Distributor
system fails
Battery fails
1.000E-2
4
GATE-1G.2
Spark plug wire
1 fails
1.000E-2
EVENT-IG.3
Starter fails
1.000E-2
EVENT-IG.1
Spark plug wire
no 2 fails
1.000E-2
EVENT-IG.4
EVENT-S.1
Spark plug wire
no 4 fails
1.000E-2
EVENT-IG.6
Gasoline filter
failed
1.000E-2
EVENT-F.6
21
CLASS-DEMO - Demonstration for class
2007/09/24
Page 1
Cut sets
Engine fails
to start
CLASS-DEMO
Internal fuel
pump damage
1.000E-2
EVENT-F.4
Fuel supply
fails
Ignition fails
Starter inoperable
GATE-F.1
GATE-IG-1
GATE-S.1
No gas in tank
Fuel injection
failure
Battery fails
GATE-F.2
EVENT-IG.1
1.000E-2
1.000E-2
EVENT-F.7
Battery fails
1.000E-2
Spark plug wire
no 3 fails
GATE-F.3
EVENT-IG-5
1.000E-2
Gasoline not
free of gunk
1.000E-2
EVENT-F.5
2
EVENT-IG.2
Fuel injectors
fouled
1.000E-2
EVENT-IG.1
Spark plugs
wires or plugs
failed
Distributor
system fails
Battery fails
1.000E-2
4
GATE-1G.2
Spark plug wire
1 fails
1.000E-2
EVENT-IG.3
Starter fails
1.000E-2
EVENT-IG.1
Spark plug wire
no 2 fails
1.000E-2
EVENT-IG.4
EVENT-S.1
Spark plug wire
no 4 fails
1.000E-2
EVENT-IG.6
Gasoline filter
failed
1.000E-2
EVENT-F.6
22
CLASS-DEMO - Demonstration for class
2007/09/24
Page 1
EVENT TREES
• Event trees start with an initiating event,
branch to the right as various safety
functions are questioned for success (up)
or failure (down) (ref Saphire manual)
• Event trees
– Identify accident sequences
– Identify safety system functions
– Quantify sequence frequencies
23
EVENT TREE DEVELOPMENT
Plant familiarization
Define safety functions and success criteria
Select initiating events
Determine plant response
Define accident sequences & plant damage
states
Identify system failure criteria
Develop fault trees & link to event tree
24
EVENT TREE TERMINOLOGY
• Initiating event
• Top event – Safety systems intented to respond
to the initiating event
• Branching – Underneath a top event – Up=
success, Down= failure
• Pass – No branch beneath a top event
• Sequence – Branching path, initiating event to
end state
• End states – consequences and probabilities
25
Event tree- Reactor Loss of Offsite
Power
Loss of offsite
power initiating
Emergency core
cooling system
Containment
system
LOSP
ECCS
CCS
EVENT TREE LOSP -
#
END-STATE-NAMES
1
OK-NO-RELEASE
2
SOME-LATE-RELEASE
3
MEDIUM-LATE-RELEASE
4
LARGE-EARLY-RELEASE
2007/10/07
Page 2
26
Emergency Core Cooling System
Fault Tree (ECCS)
Emergency core
cooling system
ECCS
Loss of heat
sink
1.000E-2
EVENT-ECCS-1
Loss of diesel
power
1.000E-2
EVENT-ECCS-2
Loss of water
source
1.000E-2
EVENT-ECCS-3
27
ECCS - Emergency core cooling system
2007/10/09
Page 1
Summary
• Risk assessment is a powerful tool for
– Forcing disciplined approach to analysis of safety
issues
– Forcing understanding of the system being evaluated
– Providing methods for estimating modes of failures
– Providing methods for estimating probabilities of
failures
– Identifying areas where more information is needed
– Identifying acceptability and/or areas needing
improvement
28
Related documents
One Thing Remains
One Thing Remains
Basics of FT and ET analysis
Basics of FT and ET analysis
Document
Document
poems about environment RO
poems about environment RO
GA_Resources and Choices
GA_Resources and Choices
Science Jeopardy
Science Jeopardy
(1 + 2) • (3 + 4)
(1 + 2) • (3 + 4)
ch 3 Enhance the Curriculum with Materials wout all pictures
ch 3 Enhance the Curriculum with Materials wout all pictures
Final Report - Table of AR-DRG v8.0 splitting logic
Final Report - Table of AR-DRG v8.0 splitting logic
Download
advertisement