Date posted: 12-Aug-2016
Uploaded by: vicky-gautam
ABSTRACT
Probabilistic Safety Assessment (PSA) has become a key tool today for identifying and
understanding Nuclear Power Plant vulnerabilities. As a result of the availability of these
PSA studies, there is a desire to use them to enhance plant safety and to operate the
nuclear stations in the most efficient manner. Risk Monitor is a PC-based tool which
computes the real-time safety level and assists plant personnel in managing day-to-day
activities. It is a user-friendly software tool used for modification
and re-analysis of a Nuclear Power Plant. Its operation is based on PSA
methods for assisting in day-to-day applications. Risk monitoring programs can assess the
risk profile and are used to optimize the operation of Nuclear Power Plants with respect
to a minimum risk level over the operating time. This paper presents the software
development aspects of Risk Monitor and its application areas. This software can be
used with the PSA model of any Nuclear Power Plant.
1. INTRODUCTION
The IAEA defines a Risk Monitor as "A real-time analysis tool used to
determine the instantaneous risk based on actual status of Systems and Components". At
any given time, the risk monitor reflects the current plant configuration in terms of the
known status of the various systems and/or components, e.g. whether any
components are out of service for maintenance or tests. Risk monitoring provides safety
status information for a plant and thus aids decision making about whether continued
plant operation is tolerable under certain system function outages. It may also support
operations and help in deciding on maintenance strategies by allowing immediate
assessment of different plant configurations. Besides addressing specific plant
requirements, it is an on-line tool showing the actual risk situation, thus overcoming possibly
unnecessarily restrictive elements of requirements and pointing out procedures not conducive
to safety. The model used by the risk monitor is based on, and is consistent with, the
Living PSA for the facility.
2. PURPOSE OF RISK MONITOR
In Nuclear Power Plants, safety is the major concern. Probabilistic Safety
Assessment (PSA) gives insight into plant processes and mechanisms and
possible interactions between plant systems, both for existing plants with operating
histories and for plants still in the design stage. In view of this, on-line safety assessment
has received a lot of attention from operation and maintenance personnel. The plant
configuration changes due to changes in component status and/or operating and
maintenance procedures. Some components are randomly down, while others may be
scheduled for test, maintenance and repair. This results in a variation of the risk level over
operating time, which is termed the risk profile and indicates the trends which could lead
to deviation from the desired Core Damage Frequency (CDF). PSA models can be used to
quantify the risk due to changes in component status, system design and operations
consequent to changes in plant configuration.
3. SOFTWARE DEVELOPMENTAL ASPECTS OF RISK MONITOR
Risk Monitor software has been developed in Visual Basic. The various modules
developed in the package are as follows:
a) System Modelling Options
b) Initiating Events/Event Trees
c) Safety Systems
d) Common Cause Failures
e) Main Summary & On-Line Risk
f) Component data base
g) Component Out-of-Service & Restore
h) What-If Analysis
i) Test Times
3.1 System Modelling Options
In this module the user can choose different options such as plant operation (full power or
low power operation), initiating event frequency (direct or through Minimal Cut Sets
(MCS)) and core damage frequency (through accident sequences or MCS), and can set the
risk levels (acceptable risk, unacceptable risk, moderately safe, totally safe and design
level risk). The software uses plant-specific PSA models. However, an option is also provided
for inclusion of PSA models for different NPPs.
3.2 Initiating Events/Event Trees
With this module the user can create the list of Initiating Events (IEs) / Event Trees (ETs)
just by typing in the data grid control which appears in the right-hand side panel of the
window. If the IE/ET list already exists, it can be imported by clicking on the
browse button in the panel. This is shown in Figure 1. The user can also select this option
from the "View" menu in the menu bar.
3.3 Safety Systems
With this option the user can enter information on the different safety systems. This is
represented as a child node under the main node "Minimal Cut Sets" in the tree view
control. After clicking on this node, the user will find a data grid control in the right-hand side
of the panel and can enter the data in the corresponding fields. An option is also
provided for importing existing files.
3.4 Common Cause Failures
In Risk Monitor, common cause failures (CCF) are treated under two headings:
CCF Groups
CCG Events
3.4.1 CCF Groups
With this option the user can categorize the components which fall under
specific CCF groups. When the user clicks on this option, a data grid appears on the
screen and the different group names can be entered. An option is also provided for importing
the data.
3.4.2 CCG Events
This option is activated if the user has already entered the CCF events in the
specified CCF groups. This can be done by double-clicking on the CCF groups data grid.
The user interface is shown in Figure 2. The user can also import the CCF events of
different CCF groups. There are three tab headings provided on this screen, namely:
Basic Events
CCF Events
Parameters
3.5 Main Summary & On-Line Risk
This module summarizes the status of the safety systems (available, degraded or unavailable)
based on the status of the components (available, out of service), the list of components
which have been taken out of service, and the risk profile (CDF vs. time) on a daily,
monthly or yearly basis. Logs of the CDF values over time are shown in the risk
profile module. If the user double-clicks on this table, it gives the status of the plant on
any day. Risk Monitor presents a graphical display of the risk profile with respect to the CDF
value. Even though coloured bands are defined for risk levels, standardization is required
for defining these levels. The user interface of this module is shown in Figure 3.
3.6 Component Database
A reliability database, designed using MS ACCESS, is used for the management of data;
it also stores the PSA models and analysis results. The package
provides a database for basic event probabilities, initiating event frequencies and human
error probabilities. Different component reliability models [3] [4] such as repairable,
non-repairable, tested, mission time, probability and frequency models have been
incorporated in the calculation of component unavailability. Risk Monitor can re-evaluate
the CDF depending on the change in the value of an initiating event frequency or safety
system unavailability. In the case of a safety system, the unavailability is affected when
a component unavailability changes. Depending on the mode in which the component is
functioning in the safety system, parameters like failure rates, test intervals, mission time,
repair time etc. will alter its unavailability value. Risk Monitor provides the option to
alter the necessary parameters depending on the mode of the component functioning,
and thereby computes its unavailability. This change is propagated to the Core Damage
Frequency, and the user can also see its implication on the risk profile. The user interface of this
module is shown in Figure 4.
3.7 Component Out-of-Service & Restore
This module shows, system by system, all the components which are in service and out of
service as of today. To take any component out of service (for
maintenance, testing or inspection), the user first has to tick the relevant component check
boxes provided at the side of the in-service list and then click the "Add" button
provided at the bottom of the grid. This adds the components to the out-of-service
table provided at the bottom of the window. This changes the configuration of the
systems and in turn affects the CDF. The CDF is re-evaluated from the minimal cut sets
provided in the database, which are in the form of initiating events and components. The
user can also set the date and time at which the component was taken out of service,
instead of the default time settings (today's date and time). The user interface of this
module is shown in Figure 5.
3.8 What-If Analysis
This is the unique feature of the risk monitor. With this analysis the user can analyse
different combinations of component states and, based on the change in the CDF value,
decide which combination of components can be taken out for maintenance
or can be restored. The user can also use this analysis for finding the allowable outage
times and surveillance test intervals for various systems. All the cases which have been
analysed are stored in the database, so that if the user wants to do the
same analysis in the future it can be retrieved from the database and applied, which
avoids repeating the same analysis. The user interface of this module is shown
in Figure 6. On-line "Help" and report generation are provided with the
software package, to assist the user in navigating through the software as well as in
becoming familiar with the PSA terminology.
3.9 Test Times
This module shows the list of components whose model type is the "Tested" model, along
with the parameters of the model at design time and at present. Hence, the
user can see which parameters have been changed from their design
values and can easily set the test intervals, inspection timings etc. for the components.
This module also shows the inspection timing of each component based on the test
interval.
4. APPLICATIONS OF RISK MONITOR
Some important applications of Risk Monitor towards Safety Issues are explained below:
4.1.1 Decision Making in operations:
The Core Damage Frequency (CDF) value is an important parameter, which can
provide risk insights. If the CDF value exceeds the prescribed probabilistic safety
criteria, this is termed an unsafe condition. Also, efforts are always made to
lower the CDF through different test and maintenance policies.
4.1.2 Maintenance Strategies:
Risk achievement worth (RAW) is the best input for deciding maintenance
policies. RAW and risk reduction worth (RRW) can be evaluated system-wise
and component-wise. Components having higher RAW have to be maintained
immediately, in order to minimise the CDF value. Similarly, components having
higher RRW should be given attention from the design point of view, since this can
enhance the reliability of the system.
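An added example, not code from Risk Monitor or from the paper, showing how the CDF re-evaluation from minimal cut sets described in section 3.7 and the RAW/RRW measures described above can be computed. The cut sets, frequencies and unavailabilities are constructed sample values, and the rare-event approximation is an assumption, since the paper does not state its quantification formula.

```python
from math import prod

# Constructed sample PSA model (illustrative values, not from the paper).
IE_FREQ = {"LOCA": 1e-3, "LOOP": 1e-1}            # initiating events, per year
UNAVAIL = {"PUMP_A": 1e-2, "PUMP_B": 1e-2,        # component unavailabilities
           "DG_1": 5e-2, "DG_2": 5e-2, "VALVE": 1e-3}
# Minimal cut sets: an initiating event plus the components that must all fail.
CUT_SETS = [
    ("LOCA", {"PUMP_A", "PUMP_B"}),
    ("LOCA", {"VALVE"}),
    ("LOOP", {"DG_1", "DG_2"}),
    ("LOOP", {"DG_1", "PUMP_B"}),
]


def cdf(out_of_service=(), perfect=()):
    """Core damage frequency per year (rare-event approximation, assumed)."""
    q = dict(UNAVAIL)
    q.update({c: 1.0 for c in out_of_service})    # out of service: certain to fail
    q.update({c: 0.0 for c in perfect})           # hypothetical perfect component
    unknown = set(q) - set(UNAVAIL)
    if unknown:
        raise KeyError(f"not in component database: {sorted(unknown)}")
    return sum(IE_FREQ[ie] * prod(q[c] for c in comps) for ie, comps in CUT_SETS)


def importance(component):
    """Return (RAW, RRW) for one component relative to the baseline CDF."""
    base = cdf()
    raw = cdf(out_of_service=[component]) / base   # CDF with q = 1 over baseline
    reduced = cdf(perfect=[component])             # CDF with q = 0
    rrw = base / reduced if reduced > 0 else float("inf")
    return raw, rrw


def rank_by_raw():
    """Components ordered from highest to lowest risk achievement worth."""
    return sorted(UNAVAIL, key=lambda c: importance(c)[0], reverse=True)


if __name__ == "__main__":
    print(f"baseline CDF       : {cdf():.3e} /yr")
    print(f"DG_1 out of service: {cdf(out_of_service=['DG_1']):.3e} /yr")
    for name in rank_by_raw():
        raw, rrw = importance(name)
        print(f"{name:7s} RAW={raw:7.2f} RRW={rrw:8.2f}")
```

Passing several names in `out_of_service` gives the CDF for a combined outage, which is the comparison a what-if analysis makes between candidate maintenance configurations.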
4.1.3 Risk Based In-Service Inspection:
The Risk Informed In-Service Inspection (RI-ISI) program aims at integrating
traditional engineering evaluations with insights gained from PSA. The prime use
of PSA is to obtain an estimate of risk and apportion it to the various systems and down
to components, to obtain an idea of their importance in terms of contribution to the
risk. Risk Monitor can be effectively employed for analysing the change in CDF
whenever there is a change in inspection plans, and thereby for arriving at an
optimum scheduling plan. Risk importance measures such as RAW, RRW,
Fussell-Vesely etc. for various components and systems are readily evaluated in
the Risk Monitor for risk-based inspection planning.
4.1.4 Review of Technical Specification:
The Technical Specifications are usually based on deterministic assessment and
engineering judgment. Based on the PSA studies, technical specifications based
on probabilistic considerations can be evolved to optimise the Allowable Outage
Time (AOT) and Surveillance Test Interval (STI) for various systems.
4.1.5 Emergency Operating Procedures and Risk Management:
The Emergency Operating Procedures (EOPs) have usually been based on the
consideration of failures in process systems only. EOPs based on the dominating
accident sequences identified in the PSA can be effectively used in risk
management.
5. CONCLUSIONS
Risk Monitors backed up by the results of Probabilistic Safety Assessment (PSA) are
gaining wider acceptance the world over. Increasing use of Risk Monitors is being made or
contemplated in various areas related to nuclear power plant operations. Risk Monitor can
be used by the operator as an efficient tool to analyse the change in risk whenever the
component parameters change. It can also be considered an efficient system for tracking
plant history. Given these applications of Risk Monitor, assuring its
quality is of utmost importance. Various testing approaches have been
adopted to expose the detectable as well as undetectable errors in order to improve the
reliability of Risk Monitor.
REFERENCES
[1] IAEA-TECDOC-737 (1994), Advances in reliability analysis and probabilistic safety assessment
for nuclear power reactors.
[2] IAEA-TECDOC-1106 (1999), Living probabilistic safety assessment (LPSA).
[3] PSA Pack 4.2, A Code for Probabilistic Assessment Level 1, IAEA, Vienna (1993).
[4] Risk Spectrum, PSA Professional 1.00.05: A Demo version, Relcon AB (1998).
Figure 1: User Interface of Initiating Events
Figure 2: User Interface of Common Cause Failures
Figure 3: Risk Monitor Main Summary Window
Figure 4: User interface of Component Database
Figure 5: User interface of Component Out-of-Service & Restore
Figure 6: What-If Analysis window