Isograph Reliability Software RiskVu V3
ESSM – The first risk monitor?
  Essential Systems Status Monitor
  Installed at Heysham II AGR in the UK
  Honeywell DPS6/92 mini-computer
  Accessed by control room staff in an operational environment

ESSM
  Before the ESSM only operating rules were used to stipulate minimum levels of redundancy
    –Needed to be concise and unambiguous
    –Conservative

ESSM
  Provided risk assessments based on fault tree methodology
  Fault trees similar to those used in off-line PSAs
  Modelled systems such as
    –Post-trip sequencing equipment
    –Pressure support system
    –Start/standby boiler feed system
    –Emergency boiler feed system
    –Essential electrical system
    –Decay heat boiler system
    –Reactor seawater system
    –Inlet guide vane system
    –Gas circulators
    –Circulator auxiliaries cooling system
    –Circulation diverse cooling system

ESSM
  Fault trees for AGRs very complex
    –Large number of gates and events
    –High degree of redundancy
    –Interlinked systems with common failures (no appreciable modularisation possible)
    –Efficient Boolean Algebra methods required to produce the minimal cut sets

ESSM Functionality
  Probabilistic safety assessments within one or two minutes
  Assessments take into account plant status
    –Component faults
    –Scheduled maintenance outages
    –Plant configuration
  Results provided in terms of maintenance categories corresponding to bands of probability frequencies

ESSM Functionality
  Deterministic operating rules
    –Using deterministic fault trees
  Restoration advice
    –Using path set methodology
  Maintenance planning office
    –What-if scenarios

Adapting Fault Trees for Use with a Risk Monitor
  House events
    –Configuration changes
    –Temporary outages
  Failure data modification
    –Increase or decrease of failure rate during an operational phase

Quantifying Risk Using Event Trees
  Hazardous event (initiator)
  Enabling events
    –Protection system failures
    –Conditional events
  Consequences
    –Probability frequency
    –Severity
    –Risk = frequency x severity

The RiskVu Risk Monitor

RiskVu Version 3 – Expected release January 2003
  COTS product
  Links with FaultTree+ project files
  Allows operational risk models to be monitored using integrated
    –Fault tree analysis
    –Event tree analysis
    –Markov analysis

Using RiskVu as an Operational Tool
  Nuclear systems
  Aircraft systems
  Naval applications
  Process and production plants

RiskVu Naval Example

RiskVu Functionality
  RiskVu events
    –Component events
        Linked to fault tree basic events
    –Configuration events
        Linked to fault tree house events
    –System events
        Linked to fault tree gates
    –Group facility

RiskVu Functionality
  Probabilistic risk assessment
    –10 categories of risk
    –Customisable risk levels
    –Allowed operating time
    –High precision and low precision assessments
  Historical assessment log
    –Time based risk profile

RiskVu Historical Log

RiskVu Functionality
  Priority restoration rankings
    –Largest reduction in risk if restored
  Planned maintenance profiles
  Hierarchy Diagram
    –Multiple dynamic systems
    –Events
    –Groups
    –Profiles
  Schematic Diagram
  Planned maintenance time profile

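An added example (not from the slides and not RiskVu or ESSM code) of the recalculation a risk monitor performs: a component outage sets its basic event to probability 1, a house event switches a configuration, and outages are ranked by the risk reduction obtained if each is restored. The tree, event names and probabilities are constructed for illustration, and exact state enumeration stands in for the minimal cut set methods that large trees require.

```python
from itertools import product

# Constructed model, not taken from the slides: gate -> (type, inputs).
# H_B_ISOLATED is a house event: True means train B is valved out.
TREE = {
    "TOP": ("OR", ["FEED_LOST", "POWER_LOST"]),
    "FEED_LOST": ("AND", ["PUMP_A", "TRAIN_B"]),
    "TRAIN_B": ("OR", ["PUMP_B", "H_B_ISOLATED"]),
    "POWER_LOST": ("AND", ["BUS_1", "BUS_2"]),
}
BASE_PROB = {"PUMP_A": 0.02, "PUMP_B": 0.02, "BUS_1": 0.001, "BUS_2": 0.001}
HOUSE_DEFAULT = {"H_B_ISOLATED": False}

def fails(node, state):
    """True if `node` is failed for the given basic/house event truth values."""
    if node not in TREE:
        return state[node]
    kind, inputs = TREE[node]
    results = [fails(i, state) for i in inputs]
    return all(results) if kind == "AND" else any(results)

def top_probability(out_of_service=(), house=None):
    """Exact P(TOP): items out of service get probability 1, house events are fixed."""
    house = {**HOUSE_DEFAULT, **(house or {})}
    probs = {e: 1.0 if e in out_of_service else p for e, p in BASE_PROB.items()}
    names = list(probs)
    total = 0.0
    for bits in product([False, True], repeat=len(names)):
        state = dict(zip(names, bits))
        weight = 1.0
        for n in names:
            weight *= probs[n] if state[n] else 1.0 - probs[n]
        if fails("TOP", {**state, **house}):
            total += weight
    return total

def restoration_ranking(out_of_service, house=None):
    """Rank outages by the drop in P(TOP) if that item alone is restored."""
    current = top_probability(out_of_service, house)
    gains = []
    for item in out_of_service:
        remaining = [x for x in out_of_service if x != item]
        gains.append((item, current - top_probability(remaining, house)))
    return sorted(gains, key=lambda g: g[1], reverse=True)
```

With PUMP_A and BUS_1 both out of service, restoring PUMP_A gives the larger reduction, so it ranks first.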
Using RiskVu for Design Comparisons and Operational Phase Modelling
  Alternative design profiles
    –Configuration events
        E.g. for different redundancy options
    –Component failure rate and test interval modification
  Operational phase modelling
    –Build time profiles
        Configuration event changes at specified times
        Failure rate changes at specified times

RiskVu Data Display
  Graphs and charts
  Filtered and sorted lists
    –Component outages
    –Configuration changes
    –Importance rankings
  Dynamic schematic displays

RiskVu Comparison Chart

RiskVu Answers questions such as:
  Is the plant in a safe condition to continue in operation?
  Is it safe to start a mission?
  What are the effects of design changes on safety?
  What is the actual achieved availability history of the plant?
  What are the most critical items in the system?
  How can we optimize the planned maintenance schedule?

RiskVu Answers questions such as:
  What is the effect on risk of changing test intervals?
  What is the effect on risk of item failure rate changes?
  What is the effect of a change of system configuration on overall risk?
  What is the comparative risk from different design options?