Overview of Deterministic Safety Analysis: Input Data, Verification & Validation, Conservative/BE Approaches (Part. 2) IAEA Training Course on Safety Assessment.


Overview of Deterministic Safety Analysis: Input Data, Verification & Validation, Conservative/BE Approaches (Part 2)
IAEA Training Course on Safety Assessment of NPPs to Assist Decision Making
IAEA Workshop, Lecturer, Lesson IV 2_2
City, Country, XX - XX Month, Year

Slide 2: Input Data Preparation
– The construction of the input data to a Safety Analysis must be subject to an adequate Quality Assurance programme. All sources of data must be referenced and documented. The whole process must be recorded and archived to allow independent checking.

Slide 3: Input Data Preparation
– Input data to a conservative DSA:
  – Conservative initial values of the plant variables.
  – Conservative boundary conditions through the transient (e.g. system and operator performance).
  – Conservative physical models in the code.
– Different degrees of conservatism:
  – Most variables are set to "high" values (taking account of their probability distribution functions), e.g. the average value plus "two sigma", or the 95th percentile.
  – Some variables can be set to extremely high values, e.g. the values established in Appendix K to 10 CFR 50 for LOCA analysis.

Slide 4: Input Data Preparation
– Conservative assumptions made for DB analysis:
  – The initiating event occurs at an unfavourable time.
  – Control systems operate only if their functioning would aggravate the effects of the initiating event.
  – No credit for mitigation.
  – All plant systems and equipment not designed as safety grade (full QA, seismic and equipment qualification) should be assumed to fail, causing the most severe effects for the PIE.
  – The worst single failure is assumed in the operation of the safety groups required for the initiating event. For redundant systems it is often assumed that only the minimum number of trains is running.

Slide 5: Input Data Preparation
  – Safety systems are assumed to operate at their minimum performance levels.
  – Structures, systems or components that do not have proven full operability during the accident should be assumed unavailable.
  – Actions of the plant staff to prevent or mitigate the accident are only modelled when it is shown that there is sufficient time to perform them, and that procedures and training are adequate.

Slide 6: Input Data Preparation
– DB analysis should include any failures which could occur as a consequence of the IE, including:
  – If the IE is the failure of part of an electrical distribution system, all the equipment powered from that part will be unavailable.
  – If the IE is an "energetic event" (failure of a pressurised system), failure of the equipment that could be affected.
  – Fire, floods or external events: failure of the equipment neither designed nor protected against their effects.

Slide 7: Input Data Preparation
– For AOOs, the deterministic SA should include many of the conservative assumptions of the DBA analysis, especially those related to the systems for maintaining critical safety functions. But it is not necessary to assume the unavailability of all non-safety systems and equipment, or to give no credit to mitigation by control systems, unless the PIE imposes it.

Slide 8: Input Data Preparation
– Input data to a best-estimate DSA:
  – Plant and model parameters and variables that will participate in the uncertainty analysis are set to realistic values. But the input is not a single value; rather, it is a probability density function (pdf).
  – Variables and parameters that will not intervene in the uncertainty analysis will be set to conservative values.
– Both conservative and BE analyses need to know the probability distribution of the uncertain variables and parameters. But the knowledge must be finer for the BE approach, and coarser for the conservative one.

Slide 9: Verification and Validation
– Verification and Validation (V&V) of computer codes for safety analysis:
  – A systematic approach for improving the reliability of computer codes and reducing the risk of incorrect application.
  – Activities that can be performed in parallel with the code development process, or a posteriori.
  – The project sponsor should determine the level and modality of V&V efforts.
– ANSI/ANS

Slide 10: Verification and Validation
– Verification: the process of evaluating the products of a software development phase to provide assurance that they meet the requirements defined for them by the previous phases.
– Validation: the process of testing a code and evaluating the results to ensure compliance with specified requirements.
  – Testing is carried out by the code developer.
  – It must be evaluated, supplemented or independently performed by a separate V&V team.

Slide 11: Verification and Validation
(Diagram) VALIDATION and VERIFICATION over the chain: REALITY → MATH MODEL → CODE DESIGN → CODE

Slide 12: Verification and Validation
– The code is validated when the test results are shown to meet previously stated criteria.
– V&V activities are performed by the code developer or by an independent V&V team.
– Model/user qualification is considerably simplified if the codes involved have been adequately verified and validated.

Slide 13: Verification and Validation
"PARALLEL" V&V
– Software development phases (indicative):
  – Initiation
  – Requirements definition
  – Design
  – Coding
  – Integration and testing
  – Installation
  – Operation and maintenance

Slide 14: Verification and Validation
– Details of the V&V process, in each phase:
  – Results should be documented and reported. Each V&V activity should produce a report describing both the positive and the negative results of the analysis or testing performed.
  – If V&V findings require revisions to the documents and products that are being verified, the modified ones should be re-verified before the next phase begins.
  – Checklists (containing questions that must be answered) should be used in the verification process.

Slide 15: Verification and Validation
– Example of a checklist for verification

Slide 16: Verification and Validation
INITIATION PHASE
– The products generated:
  – Statement of the problem.
  – Management Plan, which forms the basis of the development and V&V efforts of the project. It includes V&V planning:
    – Who will perform it
    – Level of effort
    – Activities
    – Responsibilities
    – Products, schedule, reporting...

Slide 17: Verification and Validation
DEFINITION PHASE
– Preparation of the V&V Plan, in accordance with the Management Plan. Topics included:
  – V&V plan description
  – V&V approach: activities, tools, documents...
  – V&V project organization and management
– Verification of requirements:
  – A "Requirements Specification" (RS) document is produced, which forms the foundation both for code development and for V&V.
  – The RS identifies inputs, outputs, interfaces, the models to be used, the acceptance criteria for the code, the basis for verifying the code...

Slide 18: Verification and Validation
  – The RS must be verified: this has a positive impact on the improvement of software quality.
– Development of preliminary Test Plans:
  – A Test Plan specifies all activities required for program validation, including descriptions of all test cases.
  – The software testing is carried out in one of the following ways:
    – Only by the developer.
    – By the developer, then evaluated by the IV&V team.
    – By the developer, evaluated by the IV&V team, which in addition performs a full, independent test effort.
    – Both the developer and the IV&V team perform full, independent test efforts.

Slide 19: Verification and Validation
– Verification of the preliminary Test Plans, conforming to the RS and to the V&V and Management Plans.
DESIGN PHASE
– Verification of the design.
– Verification of the preliminary program documentation, to ensure that the code input descriptions are sufficient to permit test planning.
– Update of the Test Plans: additional tests may be needed.
– Verification of the updated Test Plans: consistency with the previous documents.

Slide 20: Verification and Validation
CODING PHASE
– Verification of the source code: the source code (a list of machine-readable statements, usually in a high-level language) should be a clear and correct representation of the design specification. This includes manual code inspection.
– Verification of the updated code documentation.
– Completion of the final Test Plans and building of the Test Data Bases: the input data for each test case are generated.
– Verification of the final Test Plans and Test Data Bases.

Slide 21: Verification and Validation
INTEGRATION AND TESTING PHASE
– Verification of code integration: the source code together with all necessary components forms an operational package. Compilation and loading generate the integrated code, which is the final product, on which the Test Plans will be executed.
– Execution of the Test Plans (validation): the test cases are executed, and the results are evaluated and compared to their expected values stated in the RS. This is used to produce a "total performance envelope" for the code, which must meet the acceptance criteria. A Test Report is prepared.

Slide 22: Verification and Validation
– Verification of the test results, with evaluation of the Test Report and the test outputs.
INSTALLATION PHASE
– Verification of the installation package: the package includes the installation procedures, the files that must be installed, and selected test case data for verifying the installation. The package, once verified, may be used for backup and distribution.
– Verification of the final code documentation, including the user manual, mathematical background, programmer manual, etc.
– Preparation of the final V&V report, summarizing all activities.

Slide 23: Verification and Validation
OPERATION AND MAINTENANCE PHASE
– Modifications in the operating environment, to accommodate upgrades in system software or hardware. Some test cases could be rerun.
– Code modifications, if errors are discovered during operation, or the operating environment has changed, or the requirements have been changed. When the code is modified:
  – The Test Plans should be reviewed.
  – Selected cases should be rerun.
  – New cases may be introduced.

Slide 24: Verification and Validation

Slide 25: Verification and Validation
V&V OF EXISTING CODES
– Sometimes parallel V&V may be inappropriate (e.g. a research project whose end product is the code). Then an a posteriori V&V review (or "Design Review") is used.
– Purpose: determine whether the code produces valid responses when applied to problems in some domain.
– Results in the document "V&V Review Report".
– Phases:
  – Preparation of the V&V Review Plan
  – Determination of the Code Requirements (applications, models, numerics, valid responses, etc.), which must be verified
  – Review of the code design, including its verification

Slide 26: Verification and Validation
  – Review of the source code, code integration and documentation
  – Review of code testing: adequacy of test coverage
  – Review of test results (validation):
    – Range of validity: determined on the basis of physical observations, analytic means, and comparison with validated programs.
    – In many cases, the code being reviewed is the only tool capable of analyzing the problems of interest. Physical observations may be available only for simplified, distorted conditions, and analytic results only for trivialized cases. The validation then becomes a more subjective process, dependent on the judgement of the V&V team.
  – V&V Review Report

Slide 27: Conservative vs. Best-estimate approaches
– Deterministic Safety Analysis has traditionally been carried out with a conservative or pessimistic bias.
– As described in the previous section, conservative DSA makes use of pessimistic assumptions everywhere, so that the results of the analyses are expected to be "worse" than the realistic ones ("bounding"):
  – Conservative initial and boundary conditions.
  – The models in the computer codes are chosen to be conservative.

Slide 28: Conservative vs. Best-estimate approaches
– Conservative DSA has been very popular because it is relatively "easy" to perform. But the convenience of such an approach does not "excuse" the analyst from being aware of the accuracy of the models and assumptions.
– A very characteristic example of conservative analysis: LOCA analysis for LWRs according to section 50.46 and Appendix K of 10 CFR 50. The conservatism imposed by the Appendix K requirements is very large, because some parameters/models are given overwhelmingly pessimistic values.

Slide 29: Conservative vs. Best-estimate approaches
– Conservatisms imposed by Appendix K to 10 CFR 50:
  – Stored energy: the initial steady-state temperatures are chosen so as to maximize the stored energy in the fuel.
  – Decay heat: the heat generation rate from radioactive decay is 1.2 times the 1971 ANS Standard (this is an overestimation of about five standard deviations!).
  – Metal-water reaction: the conservative Baker-Just model. If the cladding ruptures, both the inner and the outer surfaces are assumed to react.

Slide 30: Conservative vs. Best-estimate approaches
  – Discharge from the break: the critical flow is based on the conservative Moody model multiplied by discharge coefficients (from 0.6 to 1.0) that lead to the worst results.
  – ECCS bypass: during most of the blowdown period for a PWR cold leg break, the ECCS water is assumed to be ineffective in refilling the system.
  – No return to nucleate or transition boiling: once CHF has occurred in the blowdown period, no return to nucleate or transition boiling is allowed during blowdown; it must be postponed until the reflood period.

Slide 31: Conservative vs. Best-estimate approaches
  – Film boiling correlations, chosen to underpredict the data.
  – Single failure: it is assumed that one of the ECCS components fails, and the failure leading to the highest damage is chosen.
– Acceptance criteria for a LOCA analysis (after 10 CFR 50.46):
  – Peak cladding temperature (PCT) lower than 2200 ºF.
  – Maximum cladding oxidation lower than 0.17 times the total cladding thickness before oxidation. If cladding rupture is predicted, the inside surfaces will participate in the oxidation.

Slide 32: Conservative vs. Best-estimate approaches
  – Maximum hydrogen generation resulting from the cladding oxidation: lower than 0.01 times the amount that would be generated if all the cladding metal were to react.
  – The core geometry will remain amenable to cooling.
  – Long-term cooling.

Slide 33: Conservative vs. Best-estimate approaches
– Best-estimate or realistic DSA:
  – Started to develop in recent years, as the capabilities for simulating the phenomenology originated by accidents have increased.
  – Tries to reproduce without bias the real plant behaviour during an accident or transient.
  – Realistic models and assumptions.
  – Must include an uncertainty analysis for the important results, which must be given with an "error interval".

Slide 34: Conservative vs. Best-estimate approaches
– The advantages of a realistic DSA:
  – In principle, being realistic is harder than being pessimistic. Conservative models can be simple.
  – Robust demonstration that there are large safety margins.
  – In both approaches you must know the accuracy of your models and assumptions. But in the BE approach you must quantify that accuracy (uncertainty study).
  – Given an accident scenario in a plant, a conservative analysis can make use of only one or a few computer code runs. But in a BE analysis you need "many" computer runs in order to carry out the uncertainty analysis.

Slide 35: Conservative vs. Best-estimate approaches
– The advantages of a realistic DSA:
  – You look for the "real" performance of your plant. Conservative methodologies tend to be physically unrealistic (misleading sequences of events, unrealistic time scales, missing physical phenomena).
  – BE calculations can provide guidance in developing accident management plans.
  – Lower margins: the safety margins adopted for a plant with a conservative approach may be unnecessarily large. BE margins may permit an increase in reactor power.
  – You have a precise idea of the sensitivity of the calculations to variables and parameters.
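The contrast drawn on slides 3, 8, 34 and 35 (every input set "high" at mean plus two sigma or the 95th percentile and run once, versus inputs described by pdfs, run many times and reported with an error interval), as an added example that is not code from the slides or from the IAEA, checked against the 2200 ºF PCT limit of 10 CFR 50.46 quoted above. The PCT surrogate and the input pdfs are constructed for illustration; only the 2200 ºF limit, the 1.2 decay-heat factor and the "two sigma"/95th-percentile rules come from the slides.

```python
import random
import statistics
from typing import Dict, Tuple

PCT_LIMIT_F = 2200.0          # 10 CFR 50.46 acceptance criterion quoted on the slides
APPENDIX_K_DECAY_HEAT = 1.2   # 1.2 x 1971 ANS standard, also from the slides

# Uncertain inputs as normal pdfs, name -> (mean, sigma). Constructed values; the
# decay-heat sigma is chosen so that 1.2 sits exactly five sigma above the mean,
# matching the slides' "about five standard deviations" remark.
INPUT_PDFS: Dict[str, Tuple[float, float]] = {
    "decay_heat_mult": (1.0, 0.04),
    "fuel_temp_f": (1800.0, 50.0),     # initial fuel temperature, i.e. stored energy
    "discharge_coeff": (0.8, 0.1),     # break discharge coefficient
}

def pct_surrogate(decay_heat_mult: float, fuel_temp_f: float, discharge_coeff: float) -> float:
    """Constructed linear stand-in for a thermal-hydraulic code's PCT output (not a
    physical model). Every input is adverse in the increasing direction, which is
    what makes the 'set every variable high' rule well defined here."""
    return (1400.0 + 500.0 * (decay_heat_mult - 1.0)
            + 0.5 * (fuel_temp_f - 1800.0) + 400.0 * (discharge_coeff - 0.8))

def conservative_input(mean: float, sigma: float, k: float) -> float:
    """'High' value of a variable: mean + k*sigma. k = 2 is the 'two sigma' rule,
    k = 1.645 the 95th percentile of a normal pdf."""
    return mean + k * sigma

def conservative_run(k: float = 2.0, appendix_k: bool = False) -> float:
    """A single code run with every uncertain input at its bounding value;
    appendix_k=True additionally fixes decay heat at the 1.2 factor."""
    inputs = {n: conservative_input(m, s, k) for n, (m, s) in INPUT_PDFS.items()}
    if appendix_k:
        inputs["decay_heat_mult"] = APPENDIX_K_DECAY_HEAT
    return pct_surrogate(**inputs)

def best_estimate_run(n_runs: int = 2000, seed: int = 1) -> Dict[str, float]:
    """Many code runs with inputs sampled from their pdfs. The result is a realistic
    value plus an error interval, here the 2.5% and 97.5% sample quantiles."""
    rng = random.Random(seed)
    results = []
    for _ in range(n_runs):
        sample = {n: rng.gauss(m, s) for n, (m, s) in INPUT_PDFS.items()}
        results.append(pct_surrogate(**sample))
    results.sort()
    return {"mean": statistics.fmean(results),
            "low": results[int(0.025 * n_runs)],
            "high": results[int(0.975 * n_runs) - 1]}

def pct_margin(pct_f: float) -> float:
    """Margin to the 2200 F limit; negative means the criterion is not met."""
    return PCT_LIMIT_F - pct_f

if __name__ == "__main__":
    cons = conservative_run(k=2.0)
    appk = conservative_run(k=2.0, appendix_k=True)
    be = best_estimate_run()
    print(f"conservative, 2 sigma inputs:     PCT {cons:7.1f} F, margin {pct_margin(cons):6.1f} F")
    print(f"conservative + App. K decay heat: PCT {appk:7.1f} F, margin {pct_margin(appk):6.1f} F")
    print(f"best estimate, {len(INPUT_PDFS)} pdfs, 2000 runs: PCT {be['mean']:.1f} F "
          f"[{be['low']:.1f}, {be['high']:.1f}], margin at upper bound {pct_margin(be['high']):.1f} F")
```

With a linear surrogate the bounding run lands at the sum of the individual input excursions, so the conservative PCT sits well above the upper end of the best-estimate interval: the margin the conservative analysis demonstrates is smaller than the one the plant actually has, which is the point of slide 35.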

Slide 36: Conservative vs. Best-estimate approaches
– Best-estimate LOCA analysis:
  – Recently developed methodologies.
  – Make use of realistic assumptions and codes (TRAC-P, TRAC-B, RELAP5, COBRA-TRAC, ...) that incorporate state-of-the-art models.
  – Must include an uncertainty analysis.
  – Drops the Appendix K requirements.
  – Regulatory door open:
    – SECY
    – 1988 revision of 10 CFR 50
    – Regulatory Guide (1989)
    – CSAU Methodology (1989)