ML19011A432
| ML19011A432 | |
| Person / Time | |
|---|---|
| Issue date: | 01/16/2019 |
| From: | Office of Nuclear Regulatory Research |
| To: | |
| Nathan Siu 415-0744 | |
| Shared Package | |
| ML19011A416 | List:
|
| References | |
| Download: ML19011A432 (22) | |
Text
Dependent Failures Lecture 6-1 1
Key Topics
- Importance of dependent failures
- Types of dependencies
- Common cause failure analysis 2
Overview
Resources American Nuclear Society and the Institute of Electrical and Electronics Engineers, PRA Procedures Guide, NUREG/CR-2300, January 1983.
A. Mosleh, et al., "Procedures for Treating Common Cause Failures in Safety and Reliability Studies," NUREG/CR-4780, Vols.
1 and 2, January 1988 and January 1989.
D. Rasmuson and N. Siu, Treatment of Common-Cause Failures in SPAR Models, presented at Annual Meeting of NEA Working Group on Risk Assessment (WGRISK), Paris, France, April 20, 2007. (ADAMS ML070990049)
CCF Parameter Estimates:
https://nrcoe.inl.gov/resultsdb/ParamEstSpar/
3 Overview
Other References K.N. Fleming, A reliability model for common mode failure in redundant safety systems, Proceedings Sixth Annual Pittsburgh Conference on Modeling and Simulation, Pittsburgh, April 23-25, 1975.
K.N. Fleming and A.M. Kalinowski, "An Extension of the Beta Factor Method to Systems with High Levels of Redundancy, Pickard, Lowe and Garrick, Inc., PLG-0289, June 1983.
C.L. Atwood, Common Cause Failure Rates for Pumps, NUREG/CR-2098, February 1983.
A. Mosleh and N. Siu, "A multi-parameter common cause failure model, Proceedings 9th International Conference on Structural Mechanics in Reactor Technology, Lausanne, Switzerland, August 17-21, 1987.
N. Siu, "A Monte Carlo method for multiple parameter estimation in the presence of uncertain data," Reliability Engineering and System Safety, 28, No. 1, 59-98, 1990.
4 Overview
Other References (cont.)
T.E. Wierman, et al., Common-Cause Failure Database and Analysis System: Event Data Collection, Classification, and Coding, NUREG/CR-6268, Rev. 1, September 2007.
T.E. Wierman, D.M. Rasmuson, and N.B. Stockton, Common-Cause Failure Event Insights: Emergency Diesel Generators, NUREG/CR-6819, Vol. 1, May 2003.
T.E. Wierman, D.M. Rasmuson, and N.B. Stockton, Common-Cause Failure Event Insights: Motor-Operated Valves, NUREG/CR-6819, Vol. 2, May 2003.
T.E. Wierman, D.M. Rasmuson, and N.B. Stockton, Common-Cause Failure Event Insights: Pumps, NUREG/CR-6819, Vol. 3, May 2003.
T.E. Wierman, D.M. Rasmuson, and N.B. Stockton, Common-Cause Failure Event Insights: Circuit Breakers, NUREG/CR-6819, Vol. 4, May 2003.
5 Overview
Dependence - Concept and Importance
- The propositions (events) A and B are (probabilistically) dependent if
- For typical PRA elements, P{*} ~ o(10-4) to o(10-2) so if P{AlB} ~ o(10-1), this could be very important to the qualitative as well as quantitative results and insights 6
The identification and appropriate treatment of important dependencies is arguably the most significant part of an NPP PRA
Introduction
Definitions of Dependency In these lectures, a dependency is a source of probabilistic dependence.
Some more restricted definitions tied to requirements on addressing and documenting key dependencies:
- Reliance of a function, system, component, or human action on another part of the system or another human action to accomplish its function. (PRA Glossary, NUREG-2122)
- Requirement external to an item and upon which its function depends and is associated with dependent events that are determined by, influenced by, or correlated to other events or occurrences. (ASME/ANS RA-Sa-2009)
- Requirement external to a structure, system, or component (SSC), and upon which the SSCs function depends. (NUREG-1742) 7 Introduction
Sources of Probabilistic Dependencies
- Aleatory
- Causal links: A directly influences the occurrence of B
- Correlational: A and B are subject to common influence
=
- Epistemic
- Common information
- In terms of density functions 8
Introduction
Aleatory Classifications - Examples
- PRA Procedures Guide (NUREG/CR-2300, 1983)
- Common Cause Initiating Events (Type 1)
- Intersystem Dependencies (Type 2)
- Functional Dependencies (Type 2A)
- Shared Equipment Dependencies (Type 2B)
- Physical Interactions (Type 2C)
- Human-Interaction Dependencies (Type 2D)
- Intercomponent Dependencies (Type 3) 9 A classification scheme:
Can prompt imagination (useful)
Is a model (not unique or right)
Aleatory Dependencies
Common-Cause Initiators
- Generally involve spatial dependencies due to exposure to a common environmental (spatial) hazard (Lecture 6-2)
- Fire
- Flood
- Also includes support system losses, e.g., loss of offsite power (LOOP, LOSP), loss of ultimate heat sink (LOUHS), loss of specific power buses, loss of instrument air (LOIA) 10 Aleatory Dependencies
Functional Dependencies
- Failure of System A directly affects likelihood of failure of System B
- Examples
- System A provides support function, e.g.,
- Power
- Cooling
- Control
- Structural
- System A performs enabling function, e.g.,
- Reactor scram enables decay heat removal by engineered systems
- Depressurization enables low pressure injection
- Pressure boundary integrity prevents exposure to hazardous environment
- System B is not needed unless A has failed (e.g., use of HPCI if RCIC fails) 11 Aleatory Dependencies
Shared Equipment Dependencies
- Systems A and B share components (e.g., low-pressure injection and residual heat removal)
- System A supports Systems B, C, (and so is shared with these systems) [Better viewed as a functional dependency?]
12 Aleatory Dependencies
Physical Interactions
- Similar to common-cause initiators, but dont necessarily cause an initiating event
- Typically involve environmental stresses caused by failure of a component. Examples:
- Jet, missiles, and steam from high energy line break
- Blast, heat, smoke, and conductive particles from high-energy arc fault (HEAF)
- High temperature from failure of room cooling
- Can also involve direct contact (e.g., pipe whip) 13 Aleatory Dependencies
Human Interaction Dependencies
- Includes errors of omission (failure to perform needed action) and errors of commission (incorrect action); both can affect subsequent actions as well as system behavior.
- See Lecture 5-2.
14 Aleatory Dependencies
Intercomponent Dependence
- Has same sub-categories as intersystem dependencies (functional, shared equipment, physical interaction, human interaction).
- Common cause failure (CCF) parametric models used to treat dependencies that are not modeled explicitly.
15 Aleatory Dependencies
CCF Modeling Approaches
- Parametric Models
- Catch all treatment of the wide variety of dependent failures not modeled explicitly*
- Quantified using simple probability models and operational experience
- Includes human-induced CCFs
- Narrow scope: do not address effect of underling causes on other parts of the scenario
- Mechanistic Models 16
- Example: fire can be the common cause of multiple component failures, but typically is treated separately CCF Analysis
CCFs - Engineering Considerations Event examples:
All emergency diesel generators fail to start during a test due to an improper modification to load sequencers.
Multiple motor-operated valves fail due to wrong shaft coupling pins Auxiliary feedwater pumps failed due to steam binding (due to leakage past downstream check valves)
Poor maintenance leads to low lubrication and wear of reactor trip breakers, which fail then fail to meet trip time requirements Engineering analysis of CCF event data (including identification of proximate causes and coupling factors):
Helps identify fixes/defenses Supports assessment of impact vectors 17 CCF Analysis
Beta Factor and Other Models Beta factor model (Fleming, 1975)
Define m = number of redundant components in system, Qn = probability of failure of exactly n components, Qc = total failure probability for a component Then Multiple Greek Letter (MGL) model (Fleming and Kalinowski, 1983): extension of beta factor Binomial Failure Rate (BFR) model (Atwood, 1983): treats CCFs as responses to shocks 18 1 = 1
=
Independent failure Common cause failure CCF Analysis
Other Models (cont.)
Alpha factor (Mosleh and Siu, 1987)
Note: Sparse data and differing plant designs and operational characteristics => use impact vectors to translate event into plant-specific terms => practical application of uncertain (fuzzy) data 19 CCF Analysis
=
=1
where ak fraction of failures involving k components due to common cause
Epistemic Dependencies*
- General case
- Special case where it matters: identical components in series (see next)
- Other applications
- Parameter uncertainty propagation through phenomenological models
- Sensitivity analyses for common modeling assumptions 20 Epistemic Dependencies
- Typically referred to as state-of-knowledge dependencies in the literature.
Thought Exercise The failure probabilities are epistemically independent, i.e., knowing the value of one tells us nothing about the value of the other:
The failure probabilities are completely epistemically dependent, i.e.,
knowing the value of one tells us the value of the other:
21 f,f, = ff f,f, = f 0
if x = y otherwise Consider a system of two check valves at a high/low pressure interface. Denote their aleatory failure probabilities as fA and fB.
What is the mean system failure probability if:
Thought Exercise - Categorize These Events Common-Cause Initiating Event Intersystem
- Functional
- Shared equipment
- Physical
- Human Intercomponent
- Functional
- Shared equipment
- Physical
- Human 22 Earthquake-induced HEAF causes heavy smoke in Turbine Building Tsunami damages service water pumps Operators delay containment venting due to delays in offsite evacuation Loss of air pressure prevents use of AOV to depressurize RCS to enable low pressure injection (fire water)
Operators delay using saltwater for cooling due to instructions from company HQ Dependency Type Event (March, 2011)