ML19011A442

From kanterella
Jump to navigation Jump to search
Lecture 9-1 Challenges 2019-01-23
ML19011A442
Person / Time
Issue date: 01/16/2019
From:
Office of Nuclear Regulatory Research
To:
Nathan Siu 415-0744
Shared Package
ML19011A416 List:
References
Download: ML19011A442 (38)
v  d  e


Text

Challenges for NPP PRA Lecture 9-1 1

Schedule 2

Course Overview Wednesday 1/16 Thursday 1/17 Friday 1/18 Tuesday 1/22 Wednesday 1/23 Module 1: Introduction 3: Characterizing Uncertainty 5: Basic Events 7: Learning from Operational Events 9: The PRA Frontier 9:00-9:45 L1-1: What is RIDM?

L3-1: Probabilistic modeling for NPP PRA L5-1: Evidence and estimation L7-1: Retrospective PRA L9-1: Challenges for NPP PRA 9:45-10:00 Break Break Break Break Break 10:00-11:00 L1-2: RIDM in the nuclear industry L3-2: Uncertainty and uncertainties L5-2: Human Reliability Analysis (HRA)

L7-2: Notable events and lessons for PRA L9-2: Improved PRA using existing technology 11:00-12:00 W1: Risk-informed thinking W2: Characterizing uncertainties W4: Bayesian estimation W6: Retrospective Analysis L9-3: The frontier: grand challenges and advanced methods 12:00-1:30 Lunch Lunch Lunch Lunch Lunch Module 2: PRA Overview 4: Accident Sequence Modeling 6: Special Technical Topics 8: Applications and Challenges 10: Recap 1:30-2:15 L2-1: NPP PRA and RIDM:

early history L4-1: Initiating events L6-1: Dependent failures L8-1: Risk-informed regulatory applications L10-1: Summary and closing remarks L8-2: PRA and RIDM infrastructure 2:15-2:30 Break Break Break Break 2:30-3:30 L2-2: NPP PRA models and results L4-2: Modeling plant and system response L6-2: Spatial hazards and dependencies L8-3: Risk-informed fire protection Discussion: course feedback 3:30-4:30 L2-3: PRA and RIDM:

point-counterpoint W3: Plant systems modeling L6-3: Other operational modes L8-4: Risk communication Open Discussion L6-4: Level 2/3 PRA:

beyond core damage 4:30-4:45 Break Break Break Break 4:45-5:30 Open Discussion W3: Plant systems modeling (cont.)

W5: External Hazards modeling Open Discussion 5:30-6:00 Open Discussion Open Discussion

Key Topics

  • Stakeholder perspectives
  • Sample viewpoints

- Fleming (2003)

- Mosleh (2012)

- Siu et al., (2013, 2016) 3 Overview

Resources K.N. Fleming, Issues and Recommendations for Advancement of PRA Technology in Risk-Informed Decision Making, NUREG/CR-6813, April 2003.

A. Mosleh, Delivering on the Promise: PRA, Real Decisions, and Real Events, Closing Plenary Talk, International Conference on Probabilistic Safety Assessment and Management (PSAM 11/ESREL 2012), Helsinki, Finland, June 25-29, 2012. (Available from:

http://www.iapsam.org/www.psam11.org/www/fi/program/PSAM11-ESREL_2012_CL-Fr4_Ali_Mosleh.pdf)

Siu, N., et al., PSA technology challenges revealed by the Great East Japan Earthquake, Proceedings of PSAM Topical Conference in Light of the Fukushima Dai-Ichi Accident, Tokyo, Japan, April 15-17, 2013. (ADAMS ML13038A203)

N. Siu, et al., PSA technology reminders and challenges revealed by the Great East Japan Earthquake: 2016 update, Proceedings of 13th International Conference on Probabilistic Safety Assessment and Management (PSAM 13), Seoul, Korea, October 2-7, 2016.

4 Overview

Other References N. Siu, PRA R&D - Changing the Way We Do Business? Invited Plenary Lecture, ANS International Topical Meeting on Probabilistic Safety Assessment (PSA 2017), Pittsburgh, PA, September 24-28, 2017. (ADAMS ML17263B165) 5

Many Identified Technical Challenges

  • PRA is a critically-oriented enterprise
  • Recognized good practice (and required by PRA standards): identify/discuss key sources of uncertainty

=> Many views and lists of areas for improvement 6

Risk Assessment Review Group (Lewis Committee) - 1978

  • Inadequate data base, wrong statistical methods
  • Common cause failure analysis
  • Human reliability analysis (particularly operator adaptability)
  • Unconvincing screening of some initiators (fires, earthquakes, human-initiated events)
  • Site-specific atmospheric dispersion modeling
  • Biological effects modeling
  • Understated error bounds 7

What to Fix? Domain Perspectives 8

Level 1 Level 3 Seismic Here be dragons Loose nuts Fire Other Hazards LPSD HRA Level 2 R&D 42 Those Guys Perspectives

What to Fix? Functional Perspectives 9

Perspectives Developers Analysts/

Reviewers Users

Developers 10 Perspectives

  • Challenges include

- Academic contribution

- Nexus between personal/professional and external interests

- Support (especially with declining budgets!)

  • Solutions include

- Frameworks, methodologies, conceptual demonstrations

- N+1 projects (New Analysis Technology +

Interesting Problem)

Analysts/Reviewers 11 Perspectives Challenges include:

- Near-term solutions: heavy time/budget pressure

- Huge problem size and complexity

- Multiple technical communities/cultures

- State of technology: Too much/little diversity, Holes Solutions include:

- Approved approaches (Tried and true)

- Engineering judgment

- Acknowledgment of completeness uncertainty

Users 12 Perspectives Challenges include:

- Fundamental nature of risk problem (complexity, uncertainty, multiple consequence types and potentially large magnitude, multiple stakeholders, )

- Competing problems with attentional and resource demands

- Declining budgets

- Predicting the future (value added, additional benefits)

Solutions include:

- Near-term focus (today problems)

- Leveraging opportunities (interesting to others?)

Data from NUREG-1350 (NRC Information Digest)

Three Example Perspectives

  • Fleming (2003) - what are the technical issues in advancing RIDM, and how might they be addressed?
  • Mosleh (2011) - what needs to be done to deliver on the promise of PRA?
  • Siu et al. (2013, 2016) - what technical lessons can be developed from the Fukushima Dai-ichi reactor accidents?

13 Perspectives

Fleming (2003)

  • Performed to support ACRS
  • Sources

- Interviews

- Case studies in risk-informed regulation (including Davis-Besse head corrosion)

- Experience in performing/reviewing PRAs 14 Fleming

Risk-Informed Regulation Success Stories

  • Reactor Oversight Process
  • Maintenance Rule (10 CFR 50.65)
  • Consensus on need to [formally] ensure technical adequacy
  • Consensus on improvement of industry PRAs 15 Fleming

Risk-Informed Regulation Difficulties

  • Scope, level of detail, and technical adequacy of existing PRAs
  • Treatment of uncertainties in submittals and reviews

- Unverified modeling assumptions (shared with deterministic analyses)

  • Minimum capabilities needed to support RIDM
  • Consistency in submittals and reviews
  • Potential for risk insights for applications meeting deterministic requirements*

16 Fleming

  • Could be viewed as a success

Technical Issues

  • Lack of completeness within specified scope
  • Model fidelity
  • Lack of uncertainty treatment
  • Multi-unit site issues
  • Lack of capability to treat ageing issues
  • Risk metric issues
  • Lack of coherence between probabilistic and deterministic safety approaches 17 Fleming

Recommendations

  • Guidance for treatment of uncertainties

- Analysis

- Use in decision making

  • Guidance for deterministic safety evaluations
  • Generic estimates for risk contributors from missing PRA scope
  • PRA validation program
  • Consistent definition of risk 18 Fleming

Mosleh (2012)

  • Closing plenary speech at PSAM 2011/ESREL 2012 conference
  • Key questions

- Has PRA delivered on its promise?

- How do we gauge PRA performance?

- Are there disparities between what we get and what we think we are getting from PRA and its various derivatives?

- What should be our expectation, and how do we address potential gaps?

19 Mosleh

PRA Successes

  • PRAs have successfully identified many vulnerabilities that were unknown, not adequately safeguarded against in the original designs, or simply viewed to be unimportant.
  • Through ranking of risk contributors by probability and consequence, PRAs have provided a consistent basis for prioritization and implementation of many safety improvements and design decisions 20 Mosleh

Main Sources of Uncertainty

  • Scenario identification (completeness)
  • Level of resolution (binning)

- Level of causality

- Fidelity of definition of basic events

- Probability estimation 21 Mosleh

Level of Causality Example: H.B. Robinson Fire (March 28, 2010)

Complicated event

- Non-vital cable failure => arc flash + breaker failure => reactor trip

- Subsequent equipment malfunctions + operator situation assessment and action failures => complicated shutdown, could have led to reactor coolant pump (RCP) seal LOCA Important HRA factors

- Simulator training didnt match actual plant response

- Deficient operating procedure

- Poor command and control PRA concerns

- Events would have been screened based on probability

- Important features not easily captured by current methods 22 Mosleh

General Concerns and Suggestions

  • Concerns Potential for screening to miss important scenarios

- How to see vulnerabilities irrespective of the numbers

- Major accidents go beyond initial physical and organizational boundaries: closed systems become open systems

  • Suggestions

- Improve causal models for some applications (e.g., SDP)

- Feed accident insights back into PRA methodology

- Make better use of computer power

  • Qualitative information from risk models
  • Simulation for complex interactions

- Remember risk-informed also means consequence-informed 23 Mosleh

Siu, et al. (2013, 2016)

  • Performed to support R&D planning
  • Limited to lessons directly linked to accidents
  • Detailed review of multiple sources for accident progression and conditions

- Official reports

  • Government of Japan, National Diet of Japan, TEPCO
  • U.S. organizations (National Research Council, INPO, EPRI, ANS)
  • International organizations (e.g., IAEA, WHO, UNSCEAR)

- Other papers

- Briefings

  • Highlighted key topics and issues + detailed table of challenges and reminders 24 Siu, et al.

Highlighted Topics (2013) 25 Topic Issues PSA scope Multiple units/sources, systems not normally analyzed (e.g.,

security systems), off-site organizations, post-accident risk Feedback loops Feedback from Level 3 to Level 1/Level 2 (e.g., venting delays due to delayed evacuation), multi-unit/source interactions Game over modeling Intentional conservatisms skewing risk results and insights, masking important scenarios, de-valuing mitigative activities Long duration scenarios Offsite resources, additional warnings and shocks, toll on operators, definition of safe and stable state External hazards analysis Beyond design basis events, multiple correlated hazards, multiple shocks, finite duration of elevated hazard, multiple damage mechanisms Human reliability analysis (HRA)

Errors of commission, technical support center and external decision making, ex-control room actions, new/re-defined performance influencing factors, support of creative HRA methods applications Uncertainty in phenomenological codes Varying views and treatments of uncertainty (e.g., sensitivity cases, ensemble modeling, probabilistic/non-probabilistic methods) across technical disciplines Searching vs. screening Screening of beyond design basis hazards, biases (e.g., focusing on extreme events), systematic methods to search for failures Siu, et al.

Highlighted Topics (2016) 26 Topic Issues External Hazards Using PSA to ensure defense-in-depth (DID),

dealing with full hazard spectrum, treating correlated hazards Human Performance and Human Reliability Decision making under severe accident conditions, ex-control room actions, teamwork Level 2 PRA Long-duration scenarios, equipment survivability and I&C system-related impacts, environmental conditions and habitability Level 3 PRA Effect of offsite hazard on response, intentional venting, onsite contractors, aqueous pathway, training and resources, assessment endpoints Siu, et al.

R&D Implications - HRA example Topic

  • Decision making under severe accident conditions
  • Ex-control room actions
  • Teamwork 27 Advanced Methods Needed?
  • Mechanistic treatment of many challenges, e.g.,

Choices among options Communications

  • Approximations?

Robotic follower Individual cognition with communications Social organization Approximate > None?

Siu, et al.

PRA Topics - One View 28 Technical Topic Reactors Level 1 internal events at power Level 2 Level 3 Low power and shutdown (LPSD)

Operational data Event analysis Generic safety issues (GSI)

Performance indicators and thresholds New reactors (evolutionary)

Advanced reactors Research and test reactors Non-Reactor Facilities and Activities Geologic repositories High-level waste (HLW)

Low-level waste/decommissioning Fuel cycle facilities Transportation Sources Technical Topic Special Topics Human reliability analysis Ageing Passive components Passive systems Digital systems Common Cause Failure Integrated site risk (including multi-unit events, SFP)

Design and construction Internal hazards (e.g., fire, flood, heavy load drop)

External hazards (e.g., seismic, flood, wind)

Security-related events, safety-security interface Emergency preparedness and response General Systems Analysis Methods and Tools PRA tools Uncertainty and sensitivity analysis methods and tools Advanced computational methods Advanced modeling methods (e.g., simulation)

Elicitation methods Implementation and Application PRA quality (e.g., guidance, standards)

Risk-informed regulation infrastructure Risk-informed regulation applications Risk perception and communication Siu, et al.

Comment

  • General agreement on broad topic areas, e.g.,

- Human and organizational factors

- External hazards

- Common cause failures

  • No consensus sought (yet) or achieved on prioritization of specific items (e.g., errors of commission)

- Varying technical and organizational perspectives on need, value, achievability, cost

- An additional consideration: enterprise risk

  • Potential consequences if work is not done (or even attempted)
  • Requirements in some countries to use state-of-the-art 29

Additional Slides 30

External Hazards Topic

  • Using PSA to ensure defense-in-depth
  • Dealing with full hazard spectrum
  • Treating correlated hazards 31 Advanced Methods Needed?
  • Conceptually straightforward
  • Need to treat dynamics?

Level 2 PSA Topic

  • Long-duration scenarios
  • Equipment survivability and I&C system-related impacts
  • Environmental conditions and habitability 32 Advanced Methods Needed?
  • Current technology Temperature Lighting
  • Radiation?

Source number, strengths, and locations Transport Crew information, effect on planning Simplifications?

Level 3 PSA Topic

  • Effect of offsite hazard on response
  • Intentional venting
  • Onsite contractors
  • Aqueous pathway
  • Training and resources
  • Assessment endpoints 33 Advanced Methods Needed?
  • Improved transport and dispersion?

Higher resolution Broader coverage

  • Human behavior (affecting costs)?

Psychological impacts Social response

Fukushima Lessons - A More Detailed Look (1 of 5) 34 Topic/Area Challenges [C] and Reminders [R]

Reactors Level 1/2/3 PRA 1)

Extending the PSA scope to address: a) multiple units and sites, b) post-accident shutdown risk, and c) on-and off-site emergency response organizations [C]

2)

Treatment of the feedback from offsite consequences to plant decision making [C]

3)

Improving realism of accident progression modeling [C]

4)

Addressing long-duration scenarios, including availability of supplemental offsite resources (e.g., fuel oil, water, equipment) [C]

5)

Characterizing uncertainty in phenomenological codes [C]

Low Power and Shutdown 1)

Treatment of post-accident shutdown risk [R]

2)

Treatment of shutdown risk associated with a pre-emptively shutdown plant [R]

Operational Data 1)

Ensuring appropriate use of Fukushima data (and worldwide events) in high-level estimates of CDF [R].

2)

Ensuring adequate basis for excluding operational data, especially for rare or infrequent occurrences [R]

3)

Ensuring adequate reliability data for temporary mitigating equipment and systems [C]

4)

Ensuring adequate reliability data for containment penetration integrity [R]

Event Analysis

1) Performing real-time on-the-fly event risk analysis for incident response and early investigations [C]

New Reactors 1)

Identification and treatment of errors of commission (EOCs), including those involving intentional disabling of passive safety systems [C]

2)

Treatment of operator performance when digital systems are lost [C]

3)

Addressing staffing requirements (possibly including offsite personnel) when responding to accidents [R]

4)

Addressing reliability of passive components (e.g., rupture disks) [R]

Fukushima Lessons - A More Detailed Look (2 of 5) 35 Topic/Area Challenges [C] and Reminders [R]

Non-Reactor Facilities and Activities High Level Waste 1)

Treatment of competing resource demands associated with multi-source (e.g., reactor and spent fuel pool -

SFP) scenarios [C]

2)

Treatment of external hazards effects on stored spent fuel [R].

Low Level Waste 1)

Treatment of wastewater concerns (e.g., storage, leakage, area accessibility) on operator actions [C]

2)

Treatment of aqueous transport of wastewater and consequences (public safety, environmental, and economic) [C]

3)

Treatment of groundwater contamination [C]

4)

Addressing pre-accident wastewater storage capacity [R]

Implementation and Application PSA Standards and Guidance

1) Ensuring appropriate treatment of issues identified in this table, especially with respect to external event screening [R]

Metrics 1)

Development of appropriate risk metrics for multi-unit/source and multi-site scenarios [C]

Risk Perception and Communication

1) Treatment of the psychological impact on operators, experts, and decision makers [C]
2) Treatment of anticipated non-radiation related fatalities and health effects in evacuation decision making [C]
3) Framing the risks of NPP operation to allow comparison to other societal and individual risks [C]

Fukushima Lessons - A More Detailed Look (3 of 5) 36 Topic/Area Challenges [C] and Reminders [R]

General Systems Analysis Methods and Tools PSA Tools 1)

Ability of PSA codes to solve detailed, multi-source models in reasonable timeframes [C]

Uncertainty and Sensitivity Analysis 1)

Consistent characterization of model uncertainties associated with phenomenological code predictions (e.g., severe accident progression, earthquake/tsunami prediction, atmospheric transport) [C]

2)

Quantitative treatment of uncertainties in external hazard analysis [R]

3)

Assessment of the effects of model uncertainty on overall results (e.g., combinations of key modeling uncertainties) [R]

Advanced Modeling Methods 1)

Probabilistic treatment of factors affecting observed accident evolution (e.g., multiple shocks over time; partial successes, failures, and recoveries; uncertain information; conscious allocation of recovery resources; feedback loops) [C]

2)

Treatment of concurrent and correlated hazards (e.g., seismically induced fires) [C]

Elicitation Methods 1)

Eliciting (and using) the technical communitys state of knowledge regarding the frequency and magnitude of key (rare) external hazards [R]

Fukushima Lessons - A More Detailed Look (4 of 5) 37 Topic/Area Challenges [C] and Reminders [R]

Special Topics Human Reliability Analysis 1)

Identification and treatment of errors of commission (EOCs) involving intentional disabling of safety systems [R]

2)

Treatment of different or multiple decision makers, including external distractions [C]

3)

Treatment of the psychological impact on operators, experts, and decision makers [C]

4)

Treatment of the feedback from offsite consequences to plant decision making [C]

5)

Assessment of the feasibility of recovery actions and delays in performing these actions [R]

6)

Assessment of the effects of uncertainty (including uncertainties due to loss of instrumentation and control) on operator actions and decision making [R]

7)

Assessment of cumulative effects (e.g., fatigue, radiation exposure) on operators [C]

8)

Assessment of the variability in plant crew performance [R]

9)

Assessment of the possibility of control room or even site abandonment due to hazardous conditions [C]

Passive Components 1)

Treatment of failure location(s) and mode(s) for primary system (e.g., suppression pool welds, primary containment penetrations) during severe accident analysis. [C]

2)

Addressing reliability of passive components (e.g., rupture disks, drywell penetration and head seal) [R].

Passive Systems 1)

Identification and treatment of EOCs involving intentional disabling of passive safety systems [C]

Digital systems 1)

Treatment of operator performance when digital control or safety systems are lost [C]

2)

Reliability of digital systems, particularly under harsh or severe accident conditions [C]

Multiple Units and Sites 1)

Treatment of multi-unit and multi-source interactions (e.g., common threats, physical interconnections, physical effects, area events, resource/staffing allocations) [C]

2)

Treatment of multi-site interactions (e.g., common threats, resource/staffing allocations) [C]

3)

Development of appropriate risk metrics for multi-unit/source and multi-site scenarios [C]

Fukushima Lessons - A More Detailed Look (5 of 5) 38 Topic/Area Challenges [C] and Reminders [R]

Special Topics (Cont.)

Internal Hazards 1)

Treatment of the multiple effects of internal explosions on operations (e.g., scattered radioactive debris limiting area access, damaged barriers, evacuation on non-essential staff) [C]

External Hazards 1)

Characterization and treatment of full spectrum of hazards [C]

2)

Treatment of correlated hazards (e.g., earthquake-induced tsunamis and fires) [C]

3)

Treatment of multiple shocks (and associated component fragilities) and periods of elevated hazard (e.g.,

tsunami warnings), including direct and psychological effects on staff [C]

4)

Avoiding premature screening [R]

5)

Addressing all damage mechanisms for hazards and associated fragilities (e.g., dynamic loadings, water drawdown, debris loading/blocking) [R]

6)

Addressing effects of on-and offsite damage caused by external hazard (e.g., anticipated damage to underground piping, availability/installation of portable equipment, effect on offsite resource availability and timing) [R]

Safety-Security Interface 1)

Addressing event effects on access systems (e.g., gates, doors) [R]

Accident Management 1)

Treatment of general Level 2 concerns [C,R]

2)

Treatment of Level 2 HRA concerns [C,R]

3)

Addressing effects of external event on accident management [R]

4)

Modeling of human and organizational behavior in a post core damage environment [C]

Emergency Preparedness and Response 1)

Treatment of non-radiation related fatalities and health effects, and impact of anticipated effects in evacuation decision making [C]

2)

Probabilistic treatment of failures in on-site/offsite emergency response, evacuation, and mitigation [C]

3)

Addressing delays in evacuation due to poor communication, lack of information, or unavailability of offsite emergency facilities [R]

4)

Addressing effects of external event (including but not limited to damage) on evacuation [R]

5)

Treatment of multiple offsite population moves due to expanding evacuation zones [R]

Retrieved from "https://kanterella.com/w/index.php?title=ML19011A442&oldid=4940870"