Basics of FT and ET analysis

Basics of Fault Tree and
Event Tree Analysis
Supplement to Fire Hazard Assessment for Nuclear
Engineering Professionals
Icove and Ruggles (2011)
Funded by USNRC: EDU10-002
Definition of Risk
• Risk = Probability of occurrence × consequences. We will focus on Core Damage, or Large Early Release, as consequences.
• PRA models are normally consequence specific.
Total Risk = Σ p_i c_i
Total risk would include releases, core damage, and others.
Probability
• Probability is a way to predict stochastic events
• Common events: probability fairly well known (e.g., MOCV failure rate, lots of data)
• Rare events: Less well known. Much less data.
• New Systems and Components: No data…
Consequences
• Consequences from nuclear reactor accidents could be
– damage to plant
– Impact to environment
– Loss of land use
– Cost of evacuations, sheltering, etc.
– Health (morbidity) effects
– Life threatening effects
Fault Trees
• Fault trees are used to determine the probability of a “top event” (e.g., core damage).
• Top event defines the failure or success of a system or component
• Fault trees use a structure of logical operations to calculate the probability of the top event as a result of “basic event” inputs
Fault Trees (2)
• The undesired event is stated at the top of the tree
• The fault tree gates specify logical combinations of basic events that lead to the top event
• Fault trees can be used to identify system weaknesses
Fault Trees (3)
• Fault trees can help recognize interrelationships between fault events
• Fault trees consist of logic gates and basic events as inputs to the logic gates
• Logic Gates: Boolean operations (union or intersection) of the input events
• Basic Events: Faults such as a hardware failure, human error, or adverse condition
AND Gate
• Event 6 and event 7 must occur to “pass” the gate. P(Q) = P(A) × P(B)
Amplifier Failure Mode Probabilities, NUREG 0492
OR Gate
• Probabilities add for the OR gate, since either input, or both, will pass failure through. P(Q) = P(A) + P(B)
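The gate rules above, worked as an added example (this code is not from the slides or from SAPHIRE): AND multiplies, OR combines its inputs, and an N-out-of-M gate sums every way at least N inputs fail. The OR rule P(Q) = P(A) + P(B) is the rare-event approximation; the exact value for independent inputs is 1 − (1 − P(A))(1 − P(B)), and the block computes both so the difference is visible. Event names, the tree and the probabilities are constructed for illustration.

```python
# Added example, not from the Icove and Ruggles slides: evaluating AND, OR and
# N-of-M gates for a fault tree whose basic events are independent and each
# feed only one gate. Event names and probabilities below are constructed.
from itertools import combinations
from math import prod

# Constructed basic-event probabilities (per demand).
BASIC = {"EVENT-1": 1.0e-2, "EVENT-2": 1.0e-2, "EVENT-3": 5.0e-3}

# Tree nodes: a basic-event name, ("AND", [children]), ("OR", [children]),
# or ("NOFM", n, [children]) for an n-out-of-m gate.
TREE = ("OR", [("AND", ["EVENT-1", "EVENT-2"]), "EVENT-3"])


def p_and(ps):
    """All inputs must fail: P(Q) = product of the input probabilities."""
    return prod(ps)


def p_or_exact(ps):
    """At least one input fails: P(Q) = 1 - product of (1 - p_i)."""
    return 1.0 - prod(1.0 - p for p in ps)


def p_or_rare_event(ps):
    """The slide's rule P(Q) = P(A) + P(B): the rare-event approximation,
    which overstates the exact value by the probability of joint failure."""
    return sum(ps)


def p_nofm(n, ps):
    """n-out-of-m gate: sum over every way at least n of the m inputs fail."""
    m = len(ps)
    total = 0.0
    for k in range(n, m + 1):
        for failed in combinations(range(m), k):
            term = 1.0
            for i, p in enumerate(ps):
                term *= p if i in failed else 1.0 - p
            total += term
    return total


def evaluate(node, rare_event=False):
    """Recursively evaluate a tree. Each child is treated as independent, so a
    basic event that feeds more than one gate would be double-counted; such
    trees need a cut-set evaluation instead."""
    if isinstance(node, str):
        return BASIC[node]
    gate = node[0]
    if gate == "NOFM":
        n, children = node[1], node[2]
        return p_nofm(n, [evaluate(c, rare_event) for c in children])
    ps = [evaluate(c, rare_event) for c in node[1]]
    if gate == "AND":
        return p_and(ps)
    if gate == "OR":
        return p_or_rare_event(ps) if rare_event else p_or_exact(ps)
    raise ValueError(f"unknown gate {gate}")


if __name__ == "__main__":
    print("exact     :", evaluate(TREE))
    print("rare-event:", evaluate(TREE, rare_event=True))
    print("2-of-3 at 1.0E-2 each:", p_nofm(2, [1.0e-2] * 3))
```

For inputs around 1.0E-2 the two OR answers differ only in the fourth significant figure, which is why the slide's additive rule is adequate for screening; the approximation is only worth revisiting when an OR gate has many inputs or inputs near 0.1 and above.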
Basic event
• Basic events provide input to the fault tree, such as failure of a component or system, expressed as a probability. The circle indicates that no further development is necessary.
[Figure: two basic events, EVENT-1 and EVENT-2, each with probability 1.000E-2]
Additional Gates (SAPHIRE)
[Figure: N/M gate (2 out of 3, GATE-7-0, inputs EVENT-7-1), INHIBIT gate, TRANSFER gate (TRANS-7-2), HOUSE event (EVENT-7-3), UNDEVELOPED event (EVENT-7-4)]
Steps to building a fault tree
• Identify a top event as a failure to perform a function (system, component, or human failure, for example)
• Identify events that could contribute to failure of the top event (usually logic gates)
• Identify further “lower level” events that could contribute to the intermediate event
Steps to building a fault tree (2)
• Continue until basic events are reached; these comprise the inputs (such as component failures) to the tree
• Saphire then will perform the calculations
Outputs from Saphire Calculations
• Calculate failure probability of top event
• Calculate failure probability of intermediate events
• Identify cut sets
– Cut set is a sequence of events that proceed from the basic event to the top event in an unbroken sequence
– Minimal cut sets are cut sets that contain minimal number of events that are not contained in other cut sets.
Outputs from Saphire calculation (2)
• Provide importance factors that indicate relative importance of Basic events
• e.g., RIR, Risk increase ratio: Ratio of top event failure probability with a given Basic event failure probability set to 1 (“guaranteed failure”) and the rest remaining at their baseline value.
• There are several other measures not included in this introduction.
Outputs from Saphire calculation (3)
• Calculate uncertainty of top event failure probability given uncertainty distributions of the basic events.
• Usually calculations are done with point probability values (no distribution) but others can be done with different inputs
– Normal, log normal, uniform, histogram, many others
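An added example of the uncertainty calculation just described (this is generic Monte Carlo propagation written for this page, not SAPHIRE's own code): each basic event is given a lognormal distribution described by a median and an error factor EF (the ratio of the 95th percentile to the median), the tree TOP = A OR B OR (C AND D) is evaluated once per sample, and the mean and percentiles of the resulting top-event distribution are reported beside the point estimate. The tree, the medians and the error factors are constructed.

```python
# Added example, not from the slides: Monte Carlo propagation of basic-event
# uncertainty to the top event. Each basic event gets a lognormal distribution
# given by a median and an error factor EF (95th percentile / median). The tree
# is fixed: TOP = A OR B OR (C AND D). All values are constructed.
import random
from math import log

Z95 = 1.6449  # standard-normal 95th percentile, so sigma = ln(EF) / Z95

# Constructed basic events: (median probability, error factor).
BASIC = {
    "A": (1.0e-2, 3.0),
    "B": (1.0e-2, 3.0),
    "C": (1.0e-2, 10.0),
    "D": (1.0e-2, 10.0),
}


def top_event(p):
    """Top-event probability for A OR B OR (C AND D), exact for independent inputs."""
    return 1.0 - (1.0 - p["A"]) * (1.0 - p["B"]) * (1.0 - p["C"] * p["D"])


def point_estimate():
    """The usual point-value calculation: every basic event at its median."""
    return top_event({name: median for name, (median, _) in BASIC.items()})


def sample_top(n_samples, seed=1):
    """Draw every basic event from its lognormal, evaluate the tree, repeat."""
    rng = random.Random(seed)
    results = []
    for _ in range(n_samples):
        p = {}
        for name, (median, ef) in BASIC.items():
            sigma = log(ef) / Z95
            # A sampled probability cannot exceed 1, so clip the lognormal tail.
            p[name] = min(1.0, rng.lognormvariate(log(median), sigma))
        results.append(top_event(p))
    return results


def summarize(samples):
    """Mean and 5th / 50th / 95th percentiles of the top-event distribution."""
    s = sorted(samples)
    n = len(s)

    def pct(q):
        return s[min(n - 1, int(q * n))]

    return {"mean": sum(s) / n, "p05": pct(0.05), "p50": pct(0.50), "p95": pct(0.95)}


if __name__ == "__main__":
    print("point estimate:", point_estimate())
    print(summarize(sample_top(20000)))
```

The mean of the sampled top event comes out above the point estimate: a lognormal's mean exceeds its median, and the effect grows with the error factor. This is the practical reason an uncertainty run is worth doing even when only the point value will be reported.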
Cut Sets
• A cut set is the path by which one or more basic events lead to the top event.
• For example,
– a one element cut set identifies where failure of one basic event causes failure of the top event
– a two element cut set shows how failure of two basic events causes failure of the top event
• Obviously, one element cut sets should be avoided. (Like one bolt holding on a wing of an airplane – one failure causes one disaster.)
Cut sets (2)
• Minimal cut sets are the smallest set of events that can cause failure of the top event. Cut sets that contain events already contained in a smaller set are discarded. What’s left are minimal cut sets.
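The cut-set procedure on this slide and the Risk Increase Ratio defined under "Outputs from Saphire calculation (2)", worked as one added example (this code is not from the slides or from SAPHIRE). The tree is a constructed miniature of the "engine fails to start" model, with a shared BATTERY basic event under two gates so that the absorption step has something to do; identifiers and the 1.0E-2 probabilities are constructed. Cut sets are generated by Boolean expansion, non-minimal ones are absorbed, the top-event probability is taken from the minimal cut sets, and RIR is computed by setting one event to 1.0 and recomputing.

```python
# Added example, not from the slides: minimal cut sets by Boolean expansion and
# absorption, the minimal-cut-set upper bound on the top-event probability, and
# the Risk Increase Ratio (RIR) of each basic event. BATTERY deliberately feeds
# two gates, which a straight gate-by-gate evaluation would double-count.
# Identifiers and probabilities are constructed.
from itertools import product

BASIC = {
    "NO-FUEL": 1.0e-2, "PUMP-DAMAGE": 1.0e-2, "BATTERY": 1.0e-2,
    "STARTER": 1.0e-2, "PLUG-WIRE-1": 1.0e-2, "PLUG-WIRE-2": 1.0e-2,
}

TREE = ("OR", [                                                    # engine fails to start
    ("OR", ["NO-FUEL", "PUMP-DAMAGE"]),                            # fuel supply fails
    ("OR", ["BATTERY", ("AND", ["PLUG-WIRE-1", "PLUG-WIRE-2"])]),  # ignition fails
    ("OR", ["BATTERY", "STARTER"]),                                # starter inoperable
])


def cut_sets(node):
    """Every combination of basic events that forces the node to fail.
    OR: union of the children's cut sets. AND: one cut set from each child, merged."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":
        return [cs for sets in child_sets for cs in sets]
    if gate == "AND":
        return [frozenset().union(*combo) for combo in product(*child_sets)]
    raise ValueError(f"unknown gate {gate}")


def minimal_cut_sets(node):
    """Absorption: drop any cut set that contains another cut set (A + AB = A).
    Sorted by size, so one-element cut sets come first."""
    sets = set(cut_sets(node))
    minimal = [cs for cs in sets if not any(other < cs for other in sets)]
    return sorted(minimal, key=lambda cs: (len(cs), sorted(cs)))


def cut_set_probability(cs, probs):
    """All events of a cut set must fail: product of their probabilities."""
    p = 1.0
    for event in cs:
        p *= probs[event]
    return p


def top_probability(mcs, probs):
    """Minimal-cut-set upper bound: 1 - prod(1 - P(cut set)). Exact when the
    cut sets share no events, slightly conservative otherwise."""
    q = 1.0
    for cs in mcs:
        q *= 1.0 - cut_set_probability(cs, probs)
    return 1.0 - q


def risk_increase_ratio(mcs, probs, event):
    """RIR: top-event probability with `event` set to 1.0 ("guaranteed
    failure"), divided by the baseline top-event probability."""
    failed = dict(probs)
    failed[event] = 1.0
    return top_probability(mcs, failed) / top_probability(mcs, probs)


MCS = minimal_cut_sets(TREE)

if __name__ == "__main__":
    for cs in MCS:
        print(f"{len(cs)}-element cut set: {sorted(cs)}")
    print("P(top) =", top_probability(MCS, BASIC))
    for event in BASIC:
        print(f"RIR {event}: {risk_increase_ratio(MCS, BASIC, event):.2f}")
```

Expansion produces {BATTERY} twice and the set-based absorption keeps it once; the four one-element cut sets are exactly the "one bolt" weaknesses the previous slide warns about, and each of them has an RIR equal to 1 / P(top), while the two-element PLUG-WIRE cut set gives its members an RIR only slightly above 1.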
Larger Model
[Figure: SAPHIRE fault tree CLASS-DEMO (Demonstration for class, 2007/09/24). Top event: Engine fails to start. Gates: Fuel supply fails (GATE-F.1), Ignition fails (GATE-IG-1), Starter inoperable (GATE-S.1), No gas in tank, Fuel injection failure (GATE-F.2, GATE-F.3), Spark plugs wires or plugs failed, Distributor system fails (GATE-1G.2). Basic events, each 1.000E-2: Internal fuel pump damage (EVENT-F.4), Gasoline not free of gunk (EVENT-F.5), Gasoline filter failed (EVENT-F.6), Fuel injectors fouled, Battery fails (appearing under more than one gate), Spark plug wire no 1 to no 4 fails, Starter fails (EVENT-S.1); other identifiers in the figure: EVENT-F.7, EVENT-IG.1 to EVENT-IG.6.]
Cut sets
[Figure: the CLASS-DEMO fault tree from the previous slide, shown again to illustrate cut sets]
EVENT TREES
• Event trees start with an initiating event, branch to the right as various safety functions are questioned for success (up) or failure (down) (ref Saphire manual)
• Event trees
– Identify accident sequences
– Identify safety system functions
– Quantify sequence frequencies
EVENT TREE DEVELOPMENT
• Plant familiarization
• Define safety functions and success criteria
• Select initiating events
• Determine plant response
• Define accident sequences & plant damage states
• Identify system failure criteria
• Develop fault trees & link to event tree
EVENT TREE TERMINOLOGY
• Initiating event
• Top event – Safety systems intended to respond to the initiating event
• Branching – Underneath a top event – Up = success, Down = failure
• Pass – No branch beneath a top event
• Sequence – Branching path, initiating event to end state
• End states – consequences and probabilities
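Sequence quantification with this terminology, as an added example (not from the slides or from SAPHIRE): the initiating event LOSP, the top events ECCS and CCS and the four end-state names are taken from the LOSP event tree shown on the next slide, while the initiating-event frequency, the top-event failure probabilities, the mapping of branch patterns to end states and the consequence weights are constructed assumptions. Each sequence frequency is the initiating-event frequency times the success (1 − p) or failure (p) probability at each branch, and the block closes by forming the slide's total risk Σ p_i c_i from the sequence frequencies and consequence weights.

```python
# Added example, not from the slides: quantifying an event tree's accident
# sequences. Initiating-event frequency, failure probabilities, end-state
# mapping and consequence weights are all constructed assumptions.
from itertools import product

LOSP_FREQ = 1.0e-1                 # constructed: loss-of-offsite-power events per reactor-year
TOP_EVENTS = [("ECCS", 3.0e-2),    # constructed failure probability (would come from the ECCS fault tree)
              ("CCS", 1.0e-2)]     # constructed failure probability

# Assumed mapping of (ECCS failed, CCS failed) to the slide's end-state names;
# up = success, down = failure, so the first pattern is the all-success sequence.
END_STATE = {
    (False, False): "OK-NO-RELEASE",
    (False, True): "SOME-LATE-RELEASE",
    (True, False): "MEDIUM-LATE-RELEASE",
    (True, True): "LARGE-EARLY-RELEASE",
}

# Constructed relative consequence weight c_i for each end state.
CONSEQUENCE = {
    "OK-NO-RELEASE": 0.0,
    "SOME-LATE-RELEASE": 1.0,
    "MEDIUM-LATE-RELEASE": 10.0,
    "LARGE-EARLY-RELEASE": 100.0,
}


def sequences(init_freq, top_events, end_state):
    """Walk every branch path. The sequence frequency is the initiating-event
    frequency times the success (1 - p) or failure (p) probability of each top event."""
    out = []
    for pattern in product([False, True], repeat=len(top_events)):
        freq = init_freq
        for (_, p_fail), failed in zip(top_events, pattern):
            freq *= p_fail if failed else 1.0 - p_fail
        out.append({"pattern": pattern, "end_state": end_state[pattern], "frequency": freq})
    return out


def end_state_frequencies(seqs):
    """Group sequence frequencies by end state (the consequence-specific PRA result)."""
    totals = {}
    for s in seqs:
        totals[s["end_state"]] = totals.get(s["end_state"], 0.0) + s["frequency"]
    return totals


def total_risk(seqs, consequence):
    """Total risk = sum over sequences of frequency x consequence (the slide's sum p_i c_i)."""
    return sum(s["frequency"] * consequence[s["end_state"]] for s in seqs)


if __name__ == "__main__":
    seqs = sequences(LOSP_FREQ, TOP_EVENTS, END_STATE)
    for i, s in enumerate(seqs, 1):
        branches = " ".join("down" if failed else "up" for failed in s["pattern"])
        print(f"{i}  {branches:10} {s['end_state']:22} {s['frequency']:.3E}/yr")
    print("total risk:", total_risk(seqs, CONSEQUENCE))
```

The sequence frequencies always sum back to the initiating-event frequency, which is a quick sanity check on any hand-built event tree; a "pass" at a top event would simply contribute a factor of 1 to that sequence instead of p or 1 − p.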
Event tree – Reactor Loss of Offsite Power
[Figure: SAPHIRE event tree LOSP (2007/10/07). Initiating event: Loss of offsite power (LOSP). Top events: Emergency core cooling system (ECCS), Containment system (CCS). End states: 1 OK-NO-RELEASE, 2 SOME-LATE-RELEASE, 3 MEDIUM-LATE-RELEASE, 4 LARGE-EARLY-RELEASE.]
Emergency Core Cooling System Fault Tree (ECCS)
[Figure: SAPHIRE fault tree ECCS – Emergency core cooling system (2007/10/09). Top event: Emergency core cooling system (ECCS). Basic events (EVENT-ECCS-1 to EVENT-ECCS-3, each 1.000E-2): Loss of heat sink, Loss of diesel power, Loss of water source.]
Summary
• Risk assessment is a powerful tool for
– Forcing disciplined approach to analysis of safety issues
– Forcing understanding of the system being evaluated
– Providing methods for estimating modes of failures
– Providing methods for estimating probabilities of failures
– Identifying areas where more information is needed
– Identifying acceptability and/or areas needing improvement