ML19309F616

From kanterella
Jump to navigation Jump to search
PRA and RIDM Mit 2019-11-25 Rev. 1 Small
ML19309F616
Person / Time
Issue date: 11/25/2019
From: Nathan Siu
NRC/RES/DRA
To:
Nathan Siu, 301-415-0744, RES/DRA
References
Download: ML19309F616 (70)
v  d  e


Text

PRA and Risk-Informed Decisionmaking at the NRC: Status, Challenges, and Future Directions Nathan Siu Senior Technical Adviser for PRA Office of Nuclear Regulatory Research Massachusetts Institute of Technology November 25, 2019 1

Prelude Risk, PRA, and risk-informed decisionmaking 2

Prelude A Common Definition of Risk Risk x Decision support concerns:

  • Purely quantitative
  • Average value, equates

- Low-probability/high-consequence

- High-probability/low-consequence 3

Prelude Low-Probability/High Consequence vs.

High-Probability/Low Consequence Adapted from Farmer, F.R.,

Reactor safety and siting: a proposed risk criterion, Nuclear Safety, 8, 539-548(1967).

linear National Transportation Safety Board, 2016.

(http://www.ntsb.gov/investigations/)

From Traffic Safety Facts: Research Note, U.S. Dept. of Transportation, 2016. 4

Prelude The Triplet Definition of Risk (Kaplan and Garrick, 1981)*

Risk {si , Ci , pi } Features

  • Vector, not scalar
  • Qualitative and
  • What can go wrong?

quantitative

  • What are the consequences?
  • Differences across
  • How likely is it? accident spectrum
  • Adopted by NRC: see White Paper on Risk-informed and Performance-Based Regulation, SECY-98-144, June 22, 1998.

5

Prelude Probabilistic Risk Assessment (PRA)

  • Answers the risk triplet questions

- Addresses entire system

- Includes event tree and fault tree analysis

  • Supports decisions

- Defined problem

- Realistic

- Practical

- Treats uncertainties 6

Prelude Risk-Informed Regulatory Decisionmaking Consider risk insights together with other factors Risk-Informed Risk-Based 7

Prelude Remainder of Talk

  • Example Applications
  • PRA Pointers/Reminders
  • Current Challenges
  • Future Directions
  • Closing Thoughts 8

Prelude Key Messages

  • Risk is the answer to three questions

- What can go wrong?

- What are the consequences?

- How likely is it?

  • NRC uses PRA to support regulatory decision making

- Risk-informed (not risk-based) decisionmaking

- All regulatory functions

  • Technical and implementation challenges are spurring research and other activities 9

PRA at the NRC How we use risk information and why 10

PRA at the NRC Revised Reactor Oversight A PRA Timeline RG 1.174 Safety Atomic Energy Act Goal PRA ASME/ANS No undue risk Policy Policy PRA Standard Price-Anderson Indian IPE/

(non-zero risk) Point IPEEE UKAEA SGHWR Farmer Curve German Risk Study EU Stress Tests WASH-740 WASH-1400 NUREG-1150 Level 3 PRA Windscale TMI Chernobyl Fukushima AEC NRC created created 1940 1950 1960 1970 1980 1990 2000 2010 2020 11

PRA at the NRC 1995 PRA Policy Statement

  • Increase use of PRA technology in all regulatory matters

- Consistent with PRA state-of-the-art

- Complement deterministic approach, support defense-in-depth philosophy

  • Benefits:

(1) Considers broader set of potential challenges (2) Helps prioritize challenges (3) Considers broader set of defenses 12

PRA at the NRC All regulatory matters Risk Assessment 13

PRA at the NRC Complementing deterministic approach (1)

Defense-in-Current depth Safety regulations margins Integrated Decision Making Monitoring Risk Adapted from RG 1.174 14

PRA at the NRC Complementing deterministic approach (2)

NUREG-2150 Other Considerations

  • Current regulations
  • Safety margins
  • Defense-in-depth
  • Performance monitoring 15

PRA at the NRC And before the immediate decision Decision Specific Analyses Risk-Related Methods, Models, Tools, Regulatory Databases, R&D (R4&D)

Standards, Guidance, Note: prior, foundational knowledge:

Foundational Knowledge

  • influences information processing
  • is persistent Regulatory Decision Support 16

PRA Applications Some examples of PRA uses 17

Applications Risk Management - General

  • Decisions

- Industry-wide and license-specific

- Operating reactors: applications are voluntary

- New reactors: PRAs required for design certification and licensing

  • NUREG-2150: proposal to increase use of risk information 18

Applications NRC Applications of Risk Information 19

Applications Fire Protection (NFPA 805)

  • Browns Ferry Nuclear Power Plant fire (3/22/75)

Adapted from NUREG-0050

  • Candle ignited foam penetration seal, initiated cable tray fire; water suppression delayed; complicated shutdown 11.5m 8.5m
  • Second-most challenging event in U.S. nuclear power plant operating history TVA File Photo
  • Spurred changes in 3m requirements and analysis 20

Applications Fire Protection (NFPA 805)

- 20 feet separation with detectors and auto suppression, OR hour fire barrier with detectors and auto suppression

- Voluntary alternative to Appendix R

- Deterministic and performance-based elements

- Changes can be made without prior approval; risk must be acceptable From Cline, D.D., et al., Investigation of Twenty-Foot Separation Distance as a Fire Protection Method as Specified in 10 CFR 50, Appendix R, NUREG/CR-3192, 1983.

21

Applications Changes in Plant Licensing Basis (RG 1.174)

  • Voluntary changes:

licensee requests, NRC reviews

  • Small risk increases may be acceptable
  • Change requests may be combined

22

Applications Reactor Oversight Program CDF < 1E-6

  • Determining significance of findings

- Characterize performance deficiency 1E-6 < CDF < 1E-5 1E-7 < LERF < 1E-6

- Use review panel (if required)

- Obtain licensee perspective 1E-5 < CDF < 1E-4

- Finalize 1E-6 < LERF < 1E-5

Applications Accident Sequence Precursor Program

  • Program recommended by WASH-1400 review group (1978) significant
  • Provides risk-informed view of precursor nuclear plant operating experience

- Conditional core damage probability (events) precursor

- Increase in core damage probability (conditions)

  • Supported by plant-specific Standardized Plant Analysis Risk Licensee Event Reports 1969-2018 (No significant precursors since 2002) models 24

Keep in mind General PRA pointers and observations 25

Pointers Core Damage Frequency (CDF) is a metric

  • Governing equation CDF T N CDFT P N CD events in (0,T) CDF = e N!

0.70

  • Key assumptions 0.60 CDF = 5x10-5/ry (100 plants)

CDF = 1x10-4/ry (100 plants)

Probability(T1 t)

- Independent events 0.50 0.40

- No aging effects 0.30

  • Clusters > dependence 0.20 0.10 0.00 0 20 40 60 80 100 0

0 50 100 150 200 250 300 t (years) t 26

Pointers P in PRA reflects state of knowledge P{XlC,H}

  • P = Probability
  • X = Proposition of concern (e.g., Plant X will have core melt in next 20 years)
  • C = Conditions of assessment (e.g., key assumptions)
  • H = State of knowledge:

- Includes basic science/engineering, model predictions, empirical data, expert judgment

- Dependent on assessor(s) 27

Pointers Multiple hazards can be important 28

Pointers Accident data are sparse

  • A good thing but subjectivity is inherent

- Choice of relevant data

- Modeling (whats in, whats out, level of detail)

- Potential biases (personal knowledge, technical discipline focus)

  • Need to make sure uncertainties are

- Characterized (considering the views of the informed community)

- Presented in digestible form 29

Pointers Uncertainties often order of magnitude 30

Pointers Uncertainties: important input to RIDM 9/10, 13:36 EDT 31

Pointers HRA example: model and user effects NRC, SPAR-H INL, SPAR-H Same method, different teams NRI, CREAM NRI, DT+ASEP All teams, all methods Same team, different methods A Bye, et al., International HRA Empirical Study, NUREG/IA-0216, August 2011.

32

Pointers HRA example: second iteration 1.0E+0 Human Error Probability (HEP)

ASEP Team 1 1.0E-1 ASEP Team 2 SPAR-H Team 1 SPAR-H Team 2 1.0E-2 CBDT & HCR/ORE Team 1 CBDT & HCR/ORE Team 2 1.0E-3 CBDT & HCR/ORE Team 3 ATHEANA Team 1 1.0E-4 ATHEANA Team 2 Empirical 95th Percentile Empirical 5th Percentile 1.0E-5 HFE 2A HFE 1C HFE 1A HFE 3A HFE 1B Decreasing difficulty HEPs by HFE (All Methods)

Adapted from NUREG-2156 33

Some Challenges Improving the technology and system 34

Challenges Example Challenges

  • Understanding
  • Data
  • Uncertainties
  • Bounding/screening
  • Heterogeneity and
  • Guidance aggregation
  • Holes Analysts Users
  • Confidence
  • Integration
  • Other Factors (e.g.,
  • Imagination DID, safety margins)
  • Stakeholders
  • New science/engineering
  • Operational experience
  • Time
  • Intended users/applications
  • Computational limits
  • Resources Developers
  • Rewards
  • Biases/heuristics
  • Communication 35

Challenges New Experiments and Analyses

  • High Energy Arc Faults (HEAF) in cabinets
  • Aqueous transport of accident-generated wastewater
  • State-of-the-Art Consequence Analysis (SOARCA)
  • 40 kA
  • 7 seconds 36

Challenges General R&D Challenges

  • Resources
  • Picking right topics
  • Justification given uncertain long-term payoff

- Allowable near term failures?

- Delayed beneficial spin-offs?

37

Challenges Bounding/Screening

  • Needed to focus analysis on important scenarios
  • Technical needs

- Fundamental science/engineering

- PRA methods, models, tools, data

- Guidance

  • Potential concerns

- Overestimate total risk

- Distort risk profile 38

Challenges Stakeholder Views NRC Risk-Informed Steering Committee

  • Provides strategic direction to advance use of risk-informed decisionmaking
  • Formed October 2013
  • Public meetings
  • Coordinated working groups

- Technical adequacy (including new methods approval)

- Uncertainty in decision making Adapted from RG 1.174 (including aggregation)

- Credit for mitigating strategies 39

Future Directions Near- and longer-term 40

Future Directions Influencing Factors

  • Trends
  • Initiatives and policies

- Transformation

- Single failure

  • Potential implications for U.S. Nuclear Regulatory Commission, The Dynamic Futures for NRC Mission Areas, 2019. (ML19022A178)

R4&D 41

Future Directions Some key trends

  • Increasing economic pressure => increasing drive for RIDM
  • Increasing variety of reactor concepts
  • Improving analysis technology and expanding data
  • Changing staff
  • Decreasing R&D budget S. Prescott, et al., 3D Simulation of External Flooding Events for the RISMC Pathway, INL/EXT-15-36773, Idaho National Laboratory, 2015.

42

Future Directions Initiatives and Policies 43

Future Directions Transformation

  • SECY-18-0060: Achieving Modern Risk-Informed Regulation, May 23, 2018 (ML18110A187, withdrawn)
  • Applying the Principles of Good Regulation as a Risk-Informed Regulator, October 15, 2019 (ML19260E683)

- Evolving situation (market forces, new technologies, new professionals)

- Vision: make safe use of nuclear technology possible

- Continuing standard: reasonable assurance of adequate protection

- Potentially different ways of achievement - embrace change 44

Future Directions Single Failure

  • SECY-19-0036, April 11, 2019 (ML19060A081): the staff is seeking Commission affirmation that the most damaging single active failure of safety-related equipment is required to be considered in performing design, and transient and accident analyses, unless such a failure can be shown with high confidence to not be credible.
  • SRM-SECY-19-0036, July 19, 2019 (ML19183A408): In any licensing review or other regulatory decision, the staff should apply risk-informed principles when strict, prescriptive application of deterministic criteria such as the single failure criterion is unnecessary to provide for reasonable assurance of adequate protection of public health and safety.

45

Future Directions Potential Future R4&D Im worried

  • Near term - support operating about the reactors mission, Dave.
  • Longer-term Cmon HAL,

- Leveraging results open the pod

- Advanced Reactor PRA bay door

- Completeness uncertainties, e.g.,

  • Errors of commission
  • Passive systems
  • External hazards
  • Security
  • Forward looking

- Advanced PRA methods: dynamic PRA

- AI/Big Data: R4&D applications

  • Operational experience mining
  • Model review tools 46

Closing Thoughts Post-Fukushima critiques, key messages, references 47

Closing Thoughts Post-Fukushima PRA Discussions PRA Critiques NRC Perspectives

  • PRAs did not predict
  • PRAs observed scenario - - identify and quantify possibilities; do failure of imagination not predict
  • Global statistics prove - look beyond the design basis and past PRAs underestimate risk operational experience

- Provide framework to search for failure scenarios

  • Global statistical estimates

- assume exchangeability

- neglect key information needed for regulatory decisionmaking

- can spur examination of models 48

Closing Thoughts Key Messages

  • Risk is the answer to three questions

- What can go wrong?

- What are the consequences?

- How likely is it?

  • NRC uses PRA to support regulatory decision making

- Risk-informed (not risk-based) decisionmaking

- All regulatory functions

  • Technical and implementation challenges are spurring research and other activities 49

Closing Thoughts For Further Reading*

Final Policy Statement, Federal Register, Vol. 60, p. 42622 (60 FR 42622),

August 16, 1995.

  • USNRC, No Undue Risk: Regulating the Safety of Operating Nuclear Power Plants, NUREG/BR-0518, 2014.

Some Frequently Asked Questions, NUREG-2201, 2016.

  • Kaplan, S. and B.J. Garrick, On the quantitative definition of risk, Risk Analysis, 1, 11-37(1981).
  • Most of these references can be found at www.nrc.gov 50

NRC Information

  • Website: www.nrc.gov
  • Status of risk-informed activities:

https://www.nrc.gov/about-nrc/regulatory/risk-informed/rpp.html 51

Additional Slides 52

NRC Organization

  • Headquarters + 4 Regional Offices
  • 5 Commissioners
  • ~3100 staff (FY 2019)
  • Annual budget ~$910M
  • Website: www.nrc.gov
  • Information Digest:

NUREG-1350 V31 53

NRC PRA Work and Interactions

  • NRC (HQ and Regions)

- Analysts

- Reviewers

- Policy and decision makers

  • National Laboratories
  • Private Firms
  • Universities
  • Cooperating Organizations

- Other government agencies

- Industry (licensees, owners groups, R&D)

- International (IAEA, OECD/NEA)

  • Standards Organizations
  • Public

- Industry

- PRA community

- General public 54

NRC Mission The U.S. Nuclear Regulatory Commission licenses and regulates the Nations civilian use of radioactive materials to protect public health and safety, promote the common defense and security, and protect the environment.

- NUREG-1614 (NRC Strategic Plan) 55

Regulatory Approach Standard* Principles**

  • Independence Reasonable assurance
  • Openness of adequate protection
  • Efficiency
  • Clarity
  • Reliability
  • When granting, suspending, revoking, or amending licenses or construction permits.

(Atomic Energy Act of 1954, as amended - see NUREG-0980, v1, n7, 2005)

U.S. Nuclear Power Plants (2019)

  • 97 plants (58 sites) - 65 PWR, 32 BWR, ~19% U.S. total electricity (2017)
  • Subsequent License Renewal: 6 applications under review
  • Early Site Permits (ESP): 5 issued, 1 (TVA, Clinch River) under review
  • Combined Construction and Operating License (COL): 14 issued, 6 terminated
  • Design Certification (DC): 6 issued, 2 (US-APWR, NuScale) under review 57

Risk Assessment vs. Risk Management From National Research Council, Understanding Risk: Informing Decisions in a Democratic Society, National Academy Press, 1996.

58

PRA at the NRC Why PRA: 1995 PRA Policy Statement

  • The use of PRA technology should be increased in all regulatory matters to the extent supported by the state-of-the-art in PRA methods and data and in a manner that complements the NRCs deterministic approach and supports the NRCs traditional defense-in-depth philosophy
  • A probabilistic approach extends a traditional, deterministic approach to regulation, by:

(1) Allowing consideration of a broader set of potential challenges to safety, (2) providing a logical means for prioritizing these challenges based on risk significance, and (3) Allowing consideration of a broader set of resources to defend against these challenges.

59

Example Event Tree 60

Example Fault Tree 61

NRC PRA Models and Tools

  • SPAR* Models
  • SAPHIRE** code 79 operating plant models Idaho National Laboratory (NRC-(event tree/fault tree) sponsored) 4 new reactor plant models Features to support event and condition analysis
  • Standardized Plant Analysis Risk **Systems Analysis Programs for Hands-on Integrated Reliability Evaluation 62

Risk-Informed Regulations

  • Special treatment of structures, systems, and components (10 CFR 50.69)

Risk-Informed Licensing

  • Changes in plant licensing basis
  • Environmental reviews
  • Application of risk-informed regulations 64

Risk-Informed Oversight

  • Reactor oversight process
  • Incident investigation

Risk-Informed Operational Experience

  • Accident precursors
  • Emergent issues
  • Generic issues 66

Operating Experience Data NRC Programs Mitigating Signif icance Industry Operating Inspection NRC Staf f ASP Systems Public Determination Trends Experience (Internal) Program Perf ormance Program (External)

Process Program Clearinghouse Index Industry Trends Support Special CCF Initiating Comp. Studies System Studies Fire Events Studies Parameters Events (Parm. Est. + Eng.) (SPAR and EPIX)

SPAR Tools and Databases Models LERSearch RADS CCF Database Database Risk-Based Operating Experience Analyses ASPDB Integrated Data Collection and Coding System Data Collection Data Monthly Sources MSPI EPIX Operating LERs Fire Events UAs Reports 67

Some Fire-Induced Near Misses Event Summary Description*

Browns Ferry Multi-unit cable fire; multiple systems lost, spurious component and system (BWR, 1975) operations; makeup from CRD pump Electrical cable fire; station blackout (SBO), loss of all normal core cooling for 5 Greifswald hours, loss of coolant through valve; recovered through low pressure pumps and (VVER, 1975) cross-tie with Unit 2 Turbine lube oil fire , collapsed turbine building roof, propagated into control Beloyarsk (LWGR, building, main control room (MCR) damage, secondary fires; extinguished in 22 1978) hours; damage to multiple safety systems and instrumentation.

Electrical cable fire (multiple locations), smoke spread to Unit 1 MCR, secondary Armenia explosions and fire; SBO (hose streams), loss of instrumentation and reactor (VVER, 1982) control; temporary cable from emergency diesel generator to high pressure pump Chernobyl (RBMK, Turbine failure and fire, turbine building roof collapsed; loss of generators, loss of 1991) feedwater (direct and indirect causes); makeup from seal water supply Narora Turbine failure, explosion and fire, smoke forced abandonment of shared MCR; (PHWR, 1993) SBO, loss of instrumentation; shutdown cooling pump energized 17 hours1.967593e-4 days <br />0.00472 hours <br />2.810847e-5 weeks <br />6.4685e-6 months <br /> later

Operational Experience - Blayais

  • 12/27/1999 - Storm during high tide in Gironde River estuary
  • Overtopping of protective dyke
  • Loss of

- Offsite power (Units 2 and 4) - wind

- Essential service water (Unit 1, Train A), low head safety injection and containment spray pumps (Units 1 and 2), site access - flooding

- Site accessibility

  • Papers in 2005 IAEA workshop following Indian Ocean tsunami E. De Fraguier, Lessons learned from 1999 Blayais flood:

overview of EDF flood risk management plan, U.S. NRC

  • Presentation at 2010 USNRC Regulatory Regulatory Information Conference, March 11, 2010.

Information Conference

  • Little notice in PSA community 69

Potential PRA Technology Challenges Revealed by Fukushima*

  • Extending PRA scope
  • Improving human reliability analysis

- Multiple sources - Errors of commission

- Additional systems - Severe accident management

- Additional organizations - Psychological effects

- Post-accident risk - Recovery feasibility and time delays

  • Treating feedback loops - Uncertainty in actual status
  • Reconsidering intentional - Cumulative effects over long-duration scenarios conservatism

- Crew-to-crew variability

  • Treating long-duration scenarios
  • Uncertainty in phenomenological

- Severe accident management codes

- Offsite resources

- Aftershocks

  • Increasing emphasis on searching

- Success criteria

Retrieved from "https://kanterella.com/w/index.php?title=ML19309F616&oldid=2371394"