Synthesis of the IAEA Technical Meeting on Synergy between DSA and PSA

D'AURIA, FRANCESCO SAVERIO
2012-01-01

Abstract

Safety assessment of a nuclear power plant (NPP) relies on a spectrum of approaches. Traditionally, deterministic analysis was extensively used to evaluate a relatively small set of so-called design-basis accidents. Initially, for these design-basis accidents, conservative calculations were performed to “envelop” the plant response and to evaluate the margin to the different acceptance limits. This corresponds largely to what is called “Option 1”. Later, best-estimate codes were developed, first for thermal-hydraulic system analysis. These best-estimate codes have been widely adopted in safety assessments of nuclear power plants. The use of this type of code allows for both “Options 2 and 3”, depending on whether only conservative inputs are adopted or a full uncertainty evaluation is performed, i.e. “Best-Estimate Plus Uncertainty” (BEPU). With the ground-breaking WASH-1400 study performed in 1975, probabilistic safety analysis (PSA) techniques were integrated into NPP safety assessment, with a focus on “beyond design basis” sequences. Over time, this novel approach, which initially met considerable criticism, was continuously developed, and today it represents a mature analysis technology regularly applied in the framework of NPP safety assessments. Since the PSA approach does not include plant dynamics directly, support from transient analysis was necessary for identifying and verifying success criteria. Furthermore, severe accident analysis codes and further analysis tools were used to determine the course of the sequences involved and their likely consequences. Typically, these support calculations were performed on a best-estimate basis (without uncertainty evaluations). It should be noted that considering the time evolution of the plant responses and its impact on success criteria could only be achieved through a (resource-intensive) iteration procedure.
It is therefore no surprise that attempts to bridge the gap between the PSA and deterministic safety analysis (DSA) approaches have been pursued for quite some time. Two methods explored to bridge this gap are the deterministic dynamic event tree (DDET) approach and the cell-to-cell mapping technique (CCMT). The theoretical basis for these approaches is given by the theory of probabilistic dynamics. While DDET techniques were successfully applied to some “real-life” problems, the situation is different for the other novel approaches, which have no applications to problems comparable to an NPP. It should also not be forgotten that the computing resources necessary to deploy any of these approaches are significant. Meanwhile, computing resources are becoming, or already are, available at the required level and support a new interest in approaches integrating or combining DSA and PSA. Combining DSA and PSA approaches found new interest in the context of the CSNI safety margin project (SMAP) and its follow-up pilot study (SM2A). The motivation for this study was the general observation that plant modifications such as power up-rates lead to an erosion of margin that remains largely unquantified in the current licensing framework. SMAP proposed a framework for the evaluation of generalized safety margin that relies on the combination of DSA and PSA. Conceptually, the enveloping of sequences and parameters is abandoned: the plant simulations are performed according to the BEPU approach, and event tree (ET) binning is also avoided as much as feasible. As such, it also allows for safety assessments according to “Option 4”. Furthermore, combining DSA and PSA in a consistent manner naturally leads to the application of DDET.
Now, if DDET represents the ideal target methodology that unfortunately requires significant resources (both human and computational), a graded approach towards improving safety assessments is advisable: both DSA and PSA have matured over the years and constitute the state of the art, but only limited experience is available with the application of the innovative combined approaches. Therefore, preserving the mature techniques and making best use of them is the ambition of Integrated Deterministic and Probabilistic Safety Assessment (IDPSA). IDPSA stands for a whole family of approaches that consider both deterministic and probabilistic aspects. The most rigorous ones are based on DDET. The most advanced DDET methods and tools that have already been used for analyzing complex realistic scenarios are the ADAPT method (Analysis of Dynamic Accident Progression Trees), developed at OSU with support from the Sandia National Laboratory (SNL), and the MCDET method (a combination of Monte Carlo simulation and the DDET approach), developed at GRS.

Motivating Factors

Safety is central to the design, licensing, operation, and economics of NPPs. Consequently, there are strong motivations to better understand, characterize, and manage safety and its associated “margin.” Historically though, specific safety margin provisions have been formulated primarily based on engineering judgment and described by way of deterministic (or “mechanistic”) calculations. Improved understanding of both the qualitative and quantitative aspects of those safety margins is needed for NPP applications such as:

• Plant design changes: During the operational lifetime, a selection of plant changes are both proposed and implemented following appropriate application of regulatory and licensing processes. Further, many of these changes have both economic and safety implications. For example, NPP “stretch” and “extended” power up-rates may increase the plant production of power by as much as 20%. However, as part of these changes, the impacts (if any) to safety margins may need to be investigated using DSA, PSA and a combination of both DSA and PSA.

• Operability issues: During normal NPP operations, a variety of off-normal situations may arise, ranging from licensing issues (e.g., nearing a time limit during an allowable outage time configuration) to failures of systems, structures, or components (SSCs). Having an improved technical basis (supported by a synergy of PSA and DSA) related to these types of operability issues may provide an enhanced operational record (e.g., not having to shut down the plant by extending an allowable outage time) or a reduction in regulatory actions (e.g., understanding the safety margin by providing technical arguments related to safety limits). For example, as part of the USNRC’s Significance Determination Process (SDP), the USNRC staff “uses risk insights, where appropriate, to help USNRC inspectors and staff determine the safety or security significance of inspection findings.” Consequently, having an improved technical basis using a combination of PSA and DSA may provide evidence related to the implications of inspection findings.

• Addressing beyond design basis accidents: In March 2011, as a result of the events at Fukushima, the USNRC established a task force to conduct a systematic and methodical review of NRC processes and regulations and determine if the agency should make additional improvements to its regulatory system. This task force, known as the near-term task force (NTTF), provided its recommendations in its report SECY-11-0137. Namely, recommendations No. 2.1 and 2.3 of this report pertained to external hazards. Furthermore, in 2011, the United States Congress mandated the NRC to require reactor licensees to re-evaluate the seismic, tsunami, flooding and other external hazards at their sites against current applicable Commission requirements and guidance for such licensees as expeditiously as possible. That Congressional mandate also required the NRC to require licensees to update the design basis for each reactor, if necessary, based upon the evaluations and information collected. Consequently, in 2012, the USNRC issued Requests for Information to request licensees to assimilate information in the areas of flood and seismic protection. At the present time, the design basis requirements for licensees for natural hazards such as flooding and seismic events are primarily deterministic. However, the USNRC’s requests to the licensees are likely to prompt assimilation of information that is within as well as outside their design bases. The USNRC has to evaluate this information using an acceptable method to make a determination on whether the design basis must be changed. Integration of DSA and PSA may provide one alternative approach to address this challenge.

• Plant life beyond sixty years: The ability to better characterize and quantify safety margin holds the key to improved decision making about LWR design, operation, and plant life extension. A systematic approach to understanding safety margins would provide an important technical basis to the operational and regulatory analysis. Additional examples of the type of support provided for this application can be found in the DOE Program for the Light Water Reactor Sustainability program plan.

Overall, the purpose of the synergy-of-PSA-and-DSA ideas described in this report is to develop approaches for deployment in order to support safety case management, including uncertainty, in order to improve decision making for NPPs. In this context, the management of uncertainty implies the ability to understand and control risks related to safety.

Use this identifier to cite or link to this document: https://hdl.handle.net/11568/831444