ML19011A423

From kanterella
Revision as of 06:54, 20 October 2019 by StriderTol (talk | contribs) (Created page by program invented by StriderTol)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Lecture 2-1 PRA History 2019-01-16
ML19011A423
Person / Time
Issue date: 01/16/2019
From:
Office of Nuclear Regulatory Research
To:
Nathan Siu 415-0744
Shared Package
ML19011A416 List:
References
Download: ML19011A423 (24)
v  d  e


Text

NPP PRA and RIDM:

Early History Lecture 2-1 1

Overview Key Topics

  • Origin and general progress of NPP PRA
  • Major studies
  • Key lessons

- From PRA

- About PRA (technology)

- About PRA and RIDM 2

Overview Resources

  • T.R. Wellock, A figure of merit: quantifying the probability of a nuclear reactor accident, Technology and Culture, 58, No. 3, 678-721, July 2017.
  • W. Keller and M. Modarres, A historical overview of probabilistic risk assessment development and its use in the nuclear power industry: a tribute to the late Professor Norman Carl Rasmussen, Reliability Engineering and System Safety, 89, 271-285, 2005.
  • M. R. Hayns, The evolution of probabilistic risk assessment in the nuclear industry, Transactions Institute of Chemical Engineers, 77, Part B, 117-142, May 1999.
  • Risk Analysis, Special Issue on Nuclear Probabilistic Risk Analysis, 4, No. 4, December 1984.

3

Overview Other References

  • J.S. Walker and T.R. Wellock, A Short History of Nuclear Regulation, 1946-2009, NUREG/BR-0175, October 2010.
  • F.E. Haskin, A.L. Camp, S.A. Hodge, and D.A. Powers, Perspectives on Reactor Safety, NUREG/CR-6042, Revision 2, March 2002.
  • G.D. Bell, The calculated risk - a safety criterion, in F.R. Farmer (ed.), Nuclear Reactor Safety, Academic Press, London, 1977.
  • J.R. Beattie, G.D. Bell, and J.E. Edwards, Methods for the Evaluation of Risk, AHSB (S) R159, UKAEA, 1969.
  • M.C. Pugh, "Probability Approach to Safety Analysis," TRG Report 1949, UKAEA, 1969.
  • U.S. Nuclear Regulatory Commission, Reactor Safety Study: An Assessment of Accident Risks in U.S.

Commercial Nuclear Power Plants, WASH-1400, (NUREG-75/014), October 1975.

  • H.W. Lewis, et al., Risk Assessment Review Group Report to the U.S. Nuclear Regulatory Commission, NUREG/CR-0400, September 1978.
  • A. Birkhofer, The German risk study for nuclear power plants, IAEA Bulletin, 22, No. 5/6, October 1980.
  • U.S. Nuclear Regulatory Commission, Severe Accident Risks: An Assessment for Five U.S. Nuclear Power Plants, NUREG-1150, December 1990.
  • U.S. Nuclear Regulatory Commission, Individual Plant Examination Program: Perspectives on Reactor Safety and Plant Performance, NUREG-1560, December 1997.
  • U.S. Nuclear Regulatory Commission, Perspectives Gained from the Individual Plant Examination of External Events (IPEEE) Program, NUREG-1742, April 2002.

4

Why History?

The past might not predict the future but it certainly provides useful lessons Besides providing credit where credits due, past studies and records can provide

  • Improved starting points for research and analysis (e.g.,

for new designs and scenarios)

  • Examples of mistakes and biases to be protected against
  • Previous regulatory precedents

- Decisions

- Supporting Rationale 5

Why History?

Old topic, still valuable?

Paper Title* Modern Topic Probabilistic analysis of rupture in nuclear Credit for Leak Before Break using reactor coolant piping probabilistic fracture mechanics The use of quantitative risk and probabilistic Selection of licensing-basis accidents safety criteria in the conceptual design of a in Licensing Modernization Program large pool-type LMFBR Investigations of the adequacy of the Advanced atmospheric transport meteorological transport model developed for modeling the Reactor Safety Study Tornado missile simulation and risk analysis Risk-informed tornado missile protection Human reliability analysis of dependent Quantitative impact of dependence events between human errors

  • Proceedings, ANS Topical Meeting on Probabilistic Analysis of Nuclear Reactor Safety (PSA 78), Newport Beach, CA, May 8-10, 1978.

6

Why History?

Le Blayais 1999 French PWR Le Blayais undergoes serious flooding, leading to mobilization of national resources. (See Lecture 7-2) 2000-2005 French utility (EDF) and regulatory TSO (IPSN) deliver papers on event at various conferences.

2009 ASME/ANS PRA standard includes language indicating flooding is likely to be unimportant.

2010 EDF delivers talk on the Blayais event at NRCs Regulatory Information Conference.

2011 An earthquake-generated tsunami floods Fukushima Dai-ichi NPP, leading to core melt at Units 1-3.

7

Why History?

Caveat Emptor

  • Be wary of all oral histories (including this one)

- Speakers need to simplify. (7+/-2)

- Example (WASH-1400):

Main Report (~140 pages) + 11 Appendices (~2260 pages)*

Executive Summary (12 pages)

Oral Version (2 slides of bullets)

- Potential for important gaps and biases

- Potential for lore to perpetuate incorrect characterizations or even myths

  • Search tools can find facts; understanding is more difficult.
  • Well-researched documents, especially by trained historians (e.g., see Wellock) are extremely useful.
  • An NRC NUREG/KM is in the works
  • NUREG-1150 main report has ~550 pages, 14 companion NUREG/CR reports

(~10,000 pages) and 15 other supporting reports.

8

PRA/RIDM History Revised Reactor Oversight RG 1.174 A PRA Timeline Safety Atomic Energy Act Goal PRA ASME/ANS No undue risk Policy Policy PRA Standard Price-Anderson Indian IPE/

(non-zero risk) Point IPEEE UKAEA SGHWR Farmer Curve German Risk Study EU Stress Tests WASH-740 WASH-1400 NUREG-1150 Level 3 PRA TMI Chernobyl Fukushima AEC NRC created created 1940 1950 1960 1970 1980 1990 2000 2010 2020 9

PRA/RIDM History Before PRA - Reliability Engineering*

  • Post-WW I: qualitative comparisons lead to multi-engine aircraft designs
  • 1930s: quantification (average number of failures, mean failure rates)
  • WW II: V-1 missile

- Chain cant be stronger than weakest link => strengthen weakest link. Still 100% failures

- Realized a large number of fairly strong links can be more unreliable than a single weak link. Ultimately achieved 60%

reliability.

  • A.E. Green and A.J. Bourne, Reliability Technology, Wiley, London, 1972.

10

PRA/RIDM History Post WW II - Safety and Feasibility Concerns

  • 1949: Reactor Safeguard Committee expresses concern with possibility and consequences of runaway reactions, desire for information on accident probabilities.
  • 1950s: Hanford Site. From T. Wellock, WASH-1400 and the Origins of Probabilistic Risk

- Hanford staff recommend bottom up methodology for calculating Assessment (PRA) in the Nuclear Industry, 2015.

probabilities based on concept of accidents as chains of events (1953).

- WASH-740 includes alarming estimates of consequences for a major reactor accident with no credible estimates of likelihood (1957).

  • 1960s:

- Full-scale probabilistic calculations not yet successful. (Too conservative or too optimistic.) USAEC relies on remote siting and ESFs.

- Fault tree analysis (Bell Labs) spreading in reliability engineering.

USAEC funds small-scale nuclear applications (e.g., at Holmes and Narver). F.R. Farmer, Reactor safety and siting: a proposed risk criterion,

- Other countries (Canada, UK, Japan) advocate probabilistic Nuclear Safety, 8, 539-548(1967).

approaches. UKAEA (F.R. Farmer) proposes a risk-based siting criterion (1967), applies to a prototype SGHWR design (1969).

11

Major Studies WASH-1400 - The Study

  • Initiated 1972, draft 1974, final 1975
  • Director: Prof. Norman C. Rasmussen (MIT)
  • Objectives

- Estimate public risks from potential accidents

- Provide a perspective through comparison with non-nuclear risk

  • Scope

- Level 3, at power, focus on internal events

- Two plants: Surry (PWR) and Peach Bottom (BWR)

  • Key Finding: Risks are comparatively small
  • Other Professor Norman C. Rasmussen, MIT (National Academies Press)

- NPP PRA is feasible

- Accident likelihoods higher than previously assumed (around 6x10-5/ry vs. 1x10-8) but consequences are lower

- Risk can be dominated by less severe, more likely scenarios (SLOCA>LLOCA) 12

Major Studies WASH-1400 - The Aftermath

  • Criticized by Risk Assessment Review Group Some Technical and (Lewis Committee) and others (e.g., UCS, Regulatory Concerns NRC staff)
  • Credit for human

- Executive Summary (advocates brief) adaptability

- Other concerns

  • Conservative biases in treating uncertainties
  • Criticisms swamped good points
  • Common cause failure

- Systematic identification and analysis of accident analysis scenarios

  • Meaningfulness of

- Freedom to think creatively beyond Maximum absolute risk estimates

  • Need to change existing Credible Accidents licensing process
  • Commission withdrew endorsement of
  • Training costs Executive Summary and requested staff review of report uses in decisions => chilling effect
  • TMI (1979) started change in views.

13

Major Studies Indian Point PRA

  • UCS Petition to close Unit 1, suspend operation of Units 2 and 3 pending resolution of safety issues (1979)
  • Indian Point Probabilistic Safety Study (IPPSS): Level 3, full-scope PRA (1980-1982)

- Quantifies risk

- Assesses severe accident management alternatives

  • Study plus BNL and SNL reviews provided basis for ASLB finding(1983) and Commission decision to allow continued operation (1985)
  • Along with earlier study for Zion, led wave of industry-sponsored PRAs 14

More Studies Some Activities after WASH-1400 Studies Research Programs (c. 1984)

  • Biblis B (1978)
  • Improved Reactor Safety Program

- Probability of initiating events

  • Oyster Creek (1979) - Probability of failure of safety systems to control course of events
  • RSSMAP (1981-1982): Sequoyah 1, Oconee 3, - Probability of failure of safety systems to inhibit radioactive releases Grand Gulf 1, Calvert Cliffs 2Big Rock Point (1981)
  • PRA Reference Document
  • IREP (1981-1983): Crystal River 3, Browns Ferry, - Purpose and content of a PRA ANO-1, Millstone 1 - PRAs performed to date, results, generic insights

- Level of maturity and uncertainties of different

  • Zion 1 and 2 (1981) elements
  • Limerick 1 and 2 (1981)
  • Risk Methods Integration and Evaluation Program (RMIEP)
  • Indian Point 2 and 3 (1982) - Integrated treatment of internal, external, and CCF events
  • Sizewell B (1982) - Evaluate PRA technological developments, lay basis for improvements
  • Millstone 3 (1983) - Identify, evaluate, display uncertainties
  • Seabrook 1 and 2 (1983) - Conduct a PRA for LaSalle (BWR 5, Mk II)
  • Oconee-3 (1984)

See R. Bernero, Probabilistic Risk Analyses: NRC Programs and Perspectives, Risk Analysis, 4, No. 4, 287-297, See M. R. Hayns, The evolution of probabilistic risk December 1984.

assessment in the nuclear industry, Transactions Institute of Chemical Engineers, 77, Part B, 117-142, May 1999 for sample results. 15

PRA/RIDM History Safety Goal Policy Statement (51 FR 30028; 1986)

  • How safe is safe enough?
  • Qualitative health objectives

- Individuals should bear no significant additional risk

- Societal risks should be risks from other generating technologies, should not be a significant addition to other societal risks

  • Quantitative health objectives (QHOs)

- Prompt fatality risk for an average, nearby individual <

0.1% risks from all other accidents

- Cancer fatality risk for population in area) < 0.1%

cancer fatality risks from all other causes

  • Surrogate risk measures

- Prompt fatality: LERF < 10-5/ry

- Latent cancer: CDF < 10-4/ry 16

Major Studies NUREG-1150 (1990)

  • Objectives

- Current snapshot of severe accident risks

- Models and results for prioritizing issues and R&D

  • Scope

- Surry, Peach Bottom: internal events, fire, seismic

- Sequoyah, Grand Gulf, Zion: internal events

  • Representative results shown elsewhere (e.g., Lecture 2-2)
  • Notes

- Initial draft published 1987; criticisms led to major revisions

- No Executive Summary, no short summary of findings

- Hazard results reported separately (not aggregated)

- Intended to be the simple study; companion RMIEP study used as vehicle for advanced methods development and application

- Results widely used in subsequent NRC activities 17

PRA/RIDM History PRA Policy Statement (60 FR 42622; 1995)

  • Policies:

- Increase use of PRA technology to the extent supported by the state of the art and data.

- Complement deterministic approach, support defense-in-depth philosophy

- Reduce unnecessary conservatism, support additional requirements as appropriate

- Analyses should be as realistic as practicable; data should be publicly available for review

- Consider uncertainties when using the Commissions Safety Goals and subsidiary objectives

  • Expected Benefits:

(1) Considers broader set of potential challenges (2) Helps prioritize challenges (3) Considers broader set of defenses 18

Major Studies Individual Plant Examinations

- Plants pose no undue risk but systematic examinations are useful to identify severe accident vulnerabilities that can be fixed with low-cost improvements

- Letters request licensee analyses

- Individual Plant Examinations (IPE): internal events and internal flooding

- Individual Plant Examinations of External Events (IPEEE):

seismic, fire, others (high winds, flooding, ) 0.3

- Vulnerabilities not defined and PRA not required 0.1

- Most plants use PRA for internal events 0.0

- Many plants use margin analyses for seismic and/or fire 10-6 10-5 10-4 10-3

  • No vulnerabilities found but numerous improvements CDF (/ry) identified; studies provide starting point for other applications.

19

PRA/RIDM History Modern History

  • RIDM infrastructure development (RG 1.174, PRA standards, training, ) - Lecture 8-2
  • Risk-informed applications - Lecture 8-1

20

Key Lessons Some Forgotten Studies and Lessons

  • RSSMAP (Reactor Safety Study Methods Application Program) - simplified extensions to Modern Relevance four plants
  • Disappointment with
  • IREP (Interim Reliability Evaluation Program) - simplified analyses
  • Continuing desire to find search for unique features increasing vulnerabilities - barriers?

susceptibility to severe accidents.

  • Lack of patience with extended studies; need
  • RMIEP (Risk Methods Integration and for near-term applications Evaluation Program) - vehicle for advanced
  • Lure of direct statistical estimation methods development and application.
  • Polarization from
  • ASP (Accident Sequence Precursor) studies - alternative vs.

complementary approach evaluated risk significance of operational events; proposed as possible alternate, statistically-oriented approach to PRA 21

Key Lessons Some Historical Lessons - PRA Results

  • Importance of full spectrum of accidents, potential dominance of lesser accidents (e.g., small loss of coolant accidents - SLOCA)
  • Importance of station blackout (SBO), loss of ultimate heat sink (LOUHS), human errors, fire, external hazards
  • Relatively low likelihood of large-scale health effects, potential for land contamination 22

Key Lessons Some Historical Lessons - PRA Technology

  • Feasibility of useful analysis
  • Importance of process (not just numbers)
  • Key technical challenges

- Human reliability analysis (HRA)

- External hazards analysis

- Common cause failure (CCF) analysis

  • No free lunch - limitations of simplified analyses 23

Key Lessons Some Historical Lessons About PRA in RIDM*

  • Despite technical challenges, judged sufficiently mature to support practical decisions, major as well as minor
  • Long-running (and continuing) challenges in interpretation and use of numerical results

- Appropriateness of adding results of heterogeneous analyses to support comparisons with decision criteria

- Demonstration of acceptable level of safety

  • Importance of review (peer and regulatory)

- Identification and correction of problems

- Confidence in decision applications

  • See Lectures 2-3, 8-4, and 9-1 for more discussion on challenges 24
Retrieved from "https://kanterella.com/w/index.php?title=ML19011A423&oldid=1916383"