CSNCSN Interpretation of the PSA2 methodology on the light of the stimulus driven theory of probabilistic dynamics (SDTPD) José M. Izquierdo Subdirección de Tecnología Nuclear, CSN Area de Modelación y Simulación (MOSI) Consejo de Seguridad Nuclear (CSN) Spain Presented at: International Workshop on Level 2 PSA and Severe Accident Management GRS, Koln March 29 – 31, 2004
CSNCSN 1. Past CSN-MOSI activities in classical PSA2. 2. Past CSN-MOSI developments in advanced PSA. ISA simulation package 3. Motivation and main features of SDTPD. 4. Analysis-synthesis approach to PSA2. Division into subproblems. 5. Solving SDTPD equations: development of a software module to add to ISA package 6. Conclusions Contents
CSNCSN 1. Past CSN-MOSI NUREG 1150 activities (I) During 2000, CSN-MOSI performed a pilot study to assimilate NUREG-1150 by reproducing sustantial portions, as applied to a lead spanish PWR plant. We also incorporated classical PSA2 software into MOSI integrated simulation package. Among the conclusions: Results too dependent on engineering judgments. Variety of industry methods. Methods too old as of today. No theory to assess consistency. Main reference: “An integrated PSA approach to independent regulatory evaluations of nuclear safety assessments of spanish NPPs”. EUROSAFE Conference, Paris Nov 26,
CSNCSN 2. Past CSN-MOSI developments in PSA. The ISA methodology (I) The Integrated Sequence Analysis (ISA) methodology proposes the automatic delineation of the event trees. ISA capabilities entail: A unified theory, of which classical PSA is a limit case (cooperation with ULB). Tree structured simulation of sequences, to build up the event tree associated to a given initiating event New types of branching, like those derived from operator actions.
CSNCSN 2. ISA main code package (II)
CSNCSN 2. ISA main code package (III) Types of results. EOP assessment
CSNCSN 3. Motivation for SDTDP (I) Risk Informed Regulation Extended licensing use of PSA, requires consistency of all safety assessment techniques, probabilistic as well as deterministic. A unified theory able to explain present methods would be welcome for RIR. This may be provided by dynamic reliability techniques applied to: Precise problem statement. Precise division in subproblems. Solving subproblems and synthesizing results.
CSNCSN 3. Motivation for SDTPD (II) Technical reasons Main problem: consistent treatment of the dynamics of evolution of accidents (deterministic) and its interface with system reliability (PSA). Existing Markov approaches do not account for transition rates depending on process variables (temp, pressures). Theory of probabilistic dynamics (TPD) solves that, but requires that: after any event occurrence, the system is regenerated. It implies, for instance, that an event can not condition next events. TPD cannot model important information incorporated into the PSA models.
CSNCSN 3. Main features of SDTPD theory (I) Stimuli Stimulus: any situation that potentially causes, after a given time delay, an event to occur and subsequently a branching to take place. Examples: Containment spray setpoints, flammability conditions, alarms. TPD is unable to handle events that require stimulus activations, however stimulus implied almost always in PSA: house events, operator alarms, latent errors, conditioned phenomena. Stimulus history influences result (nonMarkov).
CSNCSN 3. Main features of SDTPD (II) Enlarging states Allows for stimulus, by enlarging the states to three main vectors : Vector x: describes process variables evolution Vector j: describes status of systems/components Vector I: describes status of stimulus Defines the ingoing density, probability density per unit time of entering a state, including allowance for the activation times of all stimuli, and for the last time of an event. Directly related with the exceedance frequency. Main field variable.
CSNCSN 3.-Main features of SDTPD theory (III) Field equations for exceedance frequency Closed, fully dynamic equations have been derived for the calculation of the sequence frequency, damage exceedance frequency, and stimulus activation frequency. Valid for sequences during accident time and for random events during the preaccident period. Reduces to TPD only if stimuli regenerate at all events. Summary paper to be presented in PSAM7. Separate copy distributed at this meeting.
CSNCSN 4.-Analysis-synthesis approach to PSA2. Application of SDTPD Rather than attempting to solve the overall SDTPD equations, the approach is to rigorously prove the consistency of its decomposition into smaller subproblems, each one with its own SDTDP equations. SDTDP formally states the overall problem, as well as any “well posed” subproblem. For instance, for loosely coupled portions of the plant model, SDTDP naturally requires ingoing density boundary conditions of the SDTPD equations. These ingoing densities also have their own SDTPD, rigorously decomposing the problem into subproblems of the same nature.
CSNCSN Statement of the problem made with the help of one or several integrated codes. Block diagrams built with explicit description of all headers (both phenomena and systems), as modelled in the reference codes. Block diagrams play in modelling the same role as pipe or electric/electronic diagrams play in system hydraulic or electric/electronic designs. They are used at several stages of the integrated codes development and are easy to develop with modern computing techniques. 4. Problem statement. The role of block diagrams
CSNCSN Subproblems defined according to: accident progression phases (invessel- exvessel, early or late). Each phase generates precursor sequences for the next, much like PSA1 sequences are precursors for PSA2. necessary conditions for source term damage (for instance, different modes of vessel and containment ruptures). loosely coupled plant system sets, like containment, reactor and its cavity, etc. Boundary conditions in-between sets, very important. 4. Division in subproblems. Basic criteria
CSNCSN 4. MELCOR versus ASTEC block diagrams MELCOR block diagrams help much in the delineation of the stages of the PSA2 method. Other codes as ASTEC, MAAP may be used with the same purpose. Due to the exploratory nature of the Event Tree delineation, use of large scope, integrated, fast running codes is more appropriate. MELCOR is becoming too heavy for this application.
CSNCSN 4. MELCOR block diagrams:examples
CSNCSN 5. SDTPD ISA software module The probability module of the ISA package is being adapted to include SDTPD equation solvers that interface with the plant module. It is necessary that the integrated code has such a modular flexibility as to resolve all types of subproblems, helping the user in the division process. A pilot plan is expected as part of the SARNET project PSA2 WP3. Accident management guidelines also expected to be integrated into the EOP module.
CSNCSN 6. Conclusions (I) CSN/MOSI is in the process to unify methods for independent regulatory assessment of RIR applications. The unification process includes a common and consistent approach to traditional accident dynamics as well as to system reliability techniques. Care is exercized to ensure that all prior engineering work is respected. At the same time the framework should be able to incorporate new information. Todays knowledge of severe accident phenomena allows for a more dynamic approach in PSA2.
CSNCSN Conclusions (II) SDTPD provides a framework for PSA2 code development. Incorporation of its solution into CSN-MOSI ISA package, should result in a more unified approach with the rest of PSA techniques and RIR applications, maintaining past engineering work effort. This is in line with SARNET integration policy purposes. The approach follows in paralel with traditional PSA techniques for problem decomposition, keeping the same overall structure and calculating the same type of results. However, it is expected to provide a more rigorous and defendable future methodology.