Version 1.0, May 2015 SHORT COURSE


1 Version 1.0, May 2015 SHORT COURSE
BASIC PROFESSIONAL TRAINING COURSE Module VIII Integrated risk informed decision making Version 1.0, May 2015 SHORT COURSE This material was prepared by the IAEA and co-funded by the European Union. 

2 INTEGRATED RISK INFORMED DECISION MAKING
Learning objectives After completing this chapter, the trainee will be able to: Describe the fundamental safety objectives. Define design extension conditions. Describe the integrated risk-informed decision making process.

3 INTEGRATED RISK INFORMED DECISION MAKING – Introduction
IAEA SF-1: Fundamental Safety Objective is to protect people and the environment from the harmful effects of ionizing radiation. To achieve this objective, a comprehensive safety analysis is needed. Initially DSA was used as guidance for design and operation: Defence-in-depth; Safety margins; Single failure criterion; Etc. The IAEA Safety Fundamentals, SF-1, states that the fundamental safety objective is to protect people and the environment from harmful effects of ionizing radiation. In order to achieve this safety objective, comprehensive safety analyses need to be performed. Historically, the guiding principles for design and operation of nuclear power plants (NPPs) were deterministic requirements. The main elements were defence-in-depth provisions, safety margins, compliance with the single failure criterion, and some others. The associated implications were that if deterministic requirements (or criteria) are met for an NPP, the plant is safe enough, and the residual risk of unacceptable radiological releases is sufficiently low.

4 Introduction – cont. DSA presumed that residual risk of unacceptable radiological releases is sufficiently low. It did not however define “how low is low enough”. The accidents have shown that qualitatively assured “low risk” was not always the case. PSA technology started in 1975 with WASH-1400. Qualitative assessment of risk and gives answers to: What can go wrong? How likely is it? What are the consequences? The deterministic safety assessment approach provided a kind of qualitative assurance that the risk of unacceptable radiological releases associated with operation of a nuclear installation is acceptably low. However, this approach did not answer the question “how low is low enough?”. The known accidents at NPPs showed that the qualitatively assured ‘low risk’ was not always the case. The PSA technology that started in 1975 with the famous study WASH-1400 [2] made it possible to gain additional safety-related insights and to assess, unambiguously and quantitatively, the risk associated with operation of a particular NPP. Unlike the deterministic approach, the probabilistic approach aims to answer the questions: What can go wrong? How likely is it? What are the consequences?

5 Introduction – cont. The main advantages of PSA:
CDF; Frequency of radioactive release; Frequency of harmful health effects for the population; Other consequences. “Measure” of compliance with quantitative safety goals. The main advantage of PSA is that it can quantitatively assess and represent the risks associated with undesirable consequences from operation of an NPP (e.g., core damage frequency, frequencies of radioactive releases, frequencies of harmful health effects for the population, and other consequences). PSA makes it possible to ‘measure’ compliance with quantitative safety goals, if defined.

6 Introduction – cont. DSA and PSA used throughout the design process to ensure that: All safety requirements are met; Throughout all stages of plant life; Design as delivered meets requirements for: Manufacture; Construction; As built; As operated; As modified. Comprehensive deterministic safety assessments and probabilistic safety assessments are carried out throughout the design process for a nuclear power plant to ensure that all safety requirements on the design of the plant are met throughout all stages of the lifetime of the plant, and to confirm that the design, as delivered, meets requirements for manufacture and for construction, and as built, as operated and as modified.

7 Introduction – cont. Design extension conditions (DEC) concept – how far is far enough in going beyond design basis. Design extension conditions are derived on the basis of: Engineering judgment; Deterministic assessments; Probabilistic assessments. The question of how far is far enough in expanding or going beyond the design basis has been tackled by the introduction of the design extension conditions concept. A set of design extension conditions is derived on the basis of engineering judgement, deterministic assessments and probabilistic assessments.

8 Introduction – cont. DSA and PSA are complementary.
Structured framework needed to combine both. Balanced approach needed to integrate all factors to achieve an integrated decision making process. This is achieved through the so called Integrated Risk Informed Decision Making (IRIDM). Deterministic and probabilistic analyses yield outputs that are complementary to each other. There is thus a need to use a structured framework for consideration of deterministic and probabilistic techniques and findings. In this process, it is appropriate to encourage a balance between deterministic approaches, probabilistic analyses and other factors in order to achieve an integrated decision making process that serves in an optimal fashion to ensure nuclear reactor safety. This framework is termed ‘integrated risk informed decision making’ (IRIDM). IRIDM depends on the integration of a wide variety of information, insights and perspectives, as well as the commitment of designers, operators and regulatory authorities to use risk information in their decisions.

9 Introduction – cont. IRIDM process integrates: DSA; PSA;
Engineering practices; Operating experience; Management arrangements. PSA and probabilistic safety targets provide risk metrics to support decisions on nuclear safety matters. Targets may be set for the probability of core damage and for early releases. Apart from deterministic and probabilistic insights, other aspects such as good engineering practices, consideration of operating experience and sound management arrangements, etc. have to be taken into account in the integrated risk informed decision making process.

10 ADVANTAGES AND LIMITATIONS OF DSA AND PSA
Learning objectives After completing this chapter, the trainee will be able to: List the advantages and limitations of DSA. List the advantages and limitations of PSA.

11 Advantages of DSA The deterministic analysis is based on postulated accident scenarios. PIE. Conservative models and initial and boundary conditions compensate for uncertainties. FOE can bring new requirements. Vast experience accumulated in the application of DSA. The deterministic approach is based on postulated accident scenarios. The design is such that the plant is capable of coping with a set of postulated initiating events. Conservative assumptions and safety margins are used to compensate for uncertainties if they are not being calculated. Sustained improvement in safety and safety performance is pursued following upgrading plans after operational events (incidents) and accidents. Sometimes, new deterministic requirements emerge as feedback from the operational events. Deterministic safety assessment, practiced since the beginning of the nuclear energy industry, has accumulated a vast amount of experience in its application and is well understood by all stakeholders involved in the design, operation, and regulation of NPPs.

12 Limitations of DSA DSA implicitly includes some judgments on probabilities such as: Exclusion of accidents from the design basis, Classification of SSCs. This may lead to inconsistencies in requirements, unbalancing safety measures and introducing an excessive burden. Not all the dependencies are accounted for in such a complex facility. Application of only the deterministic concept might not bring a balanced design. For proposed modifications it may not be possible to determine which options bring greater risk reduction. A broader set of threats may not be considered. The DSA implicitly includes some judgements (sometimes arbitrary) on probabilities (e.g. exclusion of accidents from the design basis, classification of systems, structures and components (SSCs), etc.); this may lead to possible inconsistencies in requirements and decisions, unbalancing safety measures and introducing excessive burden. The DSA might not be able to account for all dependencies existing at a facility as complex as an NPP, including those that are either due to interconnections in support systems or caused by an initiating event, internal or external hazard, or human action. Application of solely deterministic concepts to the design provisions may not lead to a balanced design, or may lead to overprovision in some areas. Where improvements are proposed, it may not be possible to determine which options give greater risk reduction. In addition, DSA has difficulty considering a broader set of safety threats, ranking them, and identifying and assessing uncertainties.

13 Advantages of PSA PSA evaluates a much broader set of accident scenarios. Output is given as the probability of a particular consequence. Apart from the numerical estimation of risk, PSA also gives: Information on the way faults may develop; Information on the balance of risk; Points out areas of weaknesses; Confirms the adequacy of defence in depth provisions. Therefore unnecessary conservatism can be reduced. Deterministic analyses cover a subset of initiating faults and fault sequences, chosen as representative of more extreme events in the expectation that they will provide information relevant to safety requirements including the less extreme faults and sequences. PSA evaluates a much wider set of accidents and thus it gives a better balanced assessment of the installation and can complement the deterministic approach. The output of a PSA is usually given as the frequency or probability of a particular consequence. However, the value of PSA does not only lie in the numerical estimation of risk. As it is a structured approach to the way faults may develop, it can provide valuable information on the balance of the risks, point out areas of weakness where improvements can be sought and confirm the adequacy of defence in depth provisions. This means that it may be possible to reduce unnecessary conservatisms in areas less relevant to risk and provide additional requirements in areas not covered by the deterministic analyses.

14 Limitations of PSA Limitations of PSA are:
Completeness of fault identification; Completeness of fault sequence development; Availability of data, in particular plant specific data; Uncertainties in phenomenological modelling; Data and quantification of human error; Etc. Results are dependent on the assumptions made and data used. Better and less uncertain data obtained later change the calculated risk, even though the actual plant risk remains the same. Not all factors can be estimated quantitatively, and even a good PSA will have limitations. Such issues as completeness of fault identification and fault sequence development, availability of data, particularly plant-specific data, uncertainties in phenomenological modelling, data, and quantification of human factors contribute to these limitations. The structured approach often allows greater clarity about where these limitations exist, which may be disguised in other approaches, but they mean that careful consideration is needed when using PSA results, depending on the application. The PSA outputs are an estimate of the risks and the numerical values obtained are uncertain as they are dependent on the assumptions and data employed. They are theoretical constructs which should be seen as a measure of the risks, not as values of some intrinsic properties of the installation. Thus a re-estimation using different assumptions may give different values, but this should not be taken as meaning that the actual risk has changed. In particular, increased knowledge may allow conservatisms to be reduced which may mean the calculated risks increase, whereas in practice there has been no change, but the increased knowledge of the installation and its behaviour would suggest that in fact safety has been improved.

15 REGULATORY REQUIREMENTS FOR COMBINING DSA AND PSA
Learning objectives After completing this chapter, the trainee will be able to: Define high level safety goals and health objectives. Recognize the terms core damage frequency, large early release frequency and conditional containment failure probability. Describe the concept of the frequency-consequence curve. Define safety goals for existing and new reactors.

16 High level goals and health objectives
In some countries high level goals specified by RB in terms of: Individual risk of prompt fatality; Risk of cancer from nuclear accident. Because of complexity of verifying these goals, surrogate risk objectives defined in terms of: Core Damage Frequency (CDF); Large Early Release Frequency (LERF); Conditional Containment Failure Probability (CCFP). In some countries, high level goals or health objectives are specified by the regulatory body in terms of limits for the individual risk of prompt fatality and the risk of cancer from nuclear accidents. However, because of the complexity of verifying these goals, subsidiary risk objectives were introduced. For example, surrogate risk objectives were defined in terms of limits for: Core Damage Frequency (CDF), Large Early Release Frequency (LERF), Conditional Containment Failure Probability (CCFP).

17 High level goals and health objectives – cont.
Dose – frequency curve. The more likely an event is to happen, the more stringent are the requirements. In addition some countries specify a frequency limit for the release of ¹³⁷Cs or the equivalent. In addition some countries specify a limit for applying countermeasures such as banning local food and evacuating the population. In some countries reactors are designed to comply with a dose/frequency curve as shown on the next slide. The curve illustrates that the more likely an event is to happen, the more stringent are the requirements for the acceptable dose. In addition to requiring the design to comply with a dose/frequency curve, some regulatory bodies require the societal risk to be controlled by specifying a frequency limit for the release of a specified amount of ¹³⁷Cs or the equivalent. In addition, some countries specify a frequency limit for applying countermeasures such as banning food and evacuating members of the public.

18 Dose-frequency curve

19 Safety goals Safety goal is a quantitative value to be achieved by NPP designers and operators in their efforts to minimize the radiation risk to the population. Safety goals for NPPs as stated in INSAG-12: For existing plants CDF ≤ 10⁻⁴ and LERF ≤ 10⁻⁵. For new plants CDF ≤ 10⁻⁵ and LERF ≤ 10⁻⁶. The term ‘safety goal’ is often perceived as a quantitative value characterising the level of risk that is viewed as a goal to be achieved by NPP designers and operators in their effort aimed at minimizing the radiation risk for population. The approaches to establishing and using safety goals are different in Member States. The safety goals for NPPs are stated in the IAEA publication INSAG-12. These are formulated as follows: The target for existing nuclear power plants … is a frequency of occurrence of severe core damage that is below about 10⁻⁴ events per plant operating year. Severe accident management and mitigation measures could reduce by a factor of at least ten the probability of large off-site releases requiring short term off-site response. Application of all safety principles and the objectives … to future plants could lead to the achievement of an improved goal of not more than 10⁻⁵ severe core damage events per plant operating year. Another objective for these future plants is the practical elimination of accident sequences that could lead to large early radioactive releases, whereas severe accidents that could imply late containment failure would be considered in the design process with realistic assumptions and best estimate analyses so that their consequences would necessitate only protective measures limited in area and in time. Health effects to members of the public: INSAG has given no guidance on the targets for health effects for members of the public. In some countries the target for the risk of a death of a member of the public is taken to be 10⁻⁶ per reactor-year.

20 INTEGRATED RISK INFORMED DECISION MAKING
Learning objectives After completing this chapter, the trainee will be able to: Define the basic elements of the IRIDM process. Identify all elements that need to be taken into account when performing the IRIDM process. Explain the advantages of performing the IRIDM process.

21 IRIDM process IRIDM process is a robust and unambiguous way for decision making. Apart from DSA and PSA it also includes other factors such as: Organizational factors (management systems and operational experience); Security considerations; Existing standards and good practice; Other considerations including personnel radiation doses, economic factors, and research results. A weighting factor is assigned to each factor. A multidisciplinary team of experts is necessary. While making a decision on any issue dealing with NPP safety, DSA and PSA results are not the only determinants in the decision making process. It is widely recognized that other important considerations have to be addressed. The process of decision making that takes into account many aspects in a robust and unambiguous way is called Integrated Risk Informed Decision Making (IRIDM). Along with PSA and DSA considerations, other factors influencing the decision include: organizational factors (management systems and operational experience); security considerations; existing standards and good practice; other considerations including radiation doses for personnel, economic factors, research results. Weighting coefficients are assigned for each factor to assist in this decision making process. A multi-disciplinary team of experts has to be formed to be able to arrive at a sound and optimum decision.

22 IRIDM process – cont. Standards and Good Practices
The standards to be taken into account include those developed by: International organizations; National regulatory bodies; Engineering organizations; International standards groups; Vendor owner groups; Others. Good practices include practices from: Personal or specific operating experience, Other utilities, Nuclear industry in general. Standards to be taken into account include standards developed by international organizations, national regulatory bodies, engineering organizations, international standards groups, vendor owner groups and many others. Good practices include practices from their own operating experience, from experience of other utilities and from the industry in general.

23 IRIDM process – cont. Operating experience
FOE essential for improving design and operation of NPPs. It includes learning from events that happened: On the plant itself; At similar plants; On other industrial facilities. Essential to determine correct root causes for implementation of adequate corrective action. The feedback of operating experience is one of the major factors for improving design and operation of nuclear power plants. It includes learning from events that happened at the plant itself, at similar plants or other industrial facilities. For an effective feedback of operating experience it is essential to determine correct root causes as only then effective corrective actions can be established and adequate lessons learned.

24 IRIDM process – cont. Deterministic considerations
DSA addresses the requirements that serve to: Reduce the identified potential hazards; Ensure that the design is fault tolerant to adequately meet a defence in depth philosophy; Assure compliance with deterministic acceptance criteria; Maintain adequate safety margins. Other deterministic requirements that might be considered are requirements for: Equipment qualification; Physical and material analyses; Prevention of CCFs; Fail-safe design provisions; Redundancy, diversity and physical separation of redundant systems. Deterministic safety assessments address the requirements that serve to reduce the identified potential hazards, to ensure that the design is fault tolerant to adequately meet a defence in depth philosophy, to assure compliance with deterministic acceptance criteria and to maintain adequate safety margins. Much more detail can be found in Module VI. Other deterministic considerations that might be considered in the IRIDM process are, among others, requirements for equipment qualification, physical and material analyses, prevention of common cause failures, fail safe design provisions, redundancy and diversity for safety functions and systems and physical separation of redundant systems.

25 IRIDM process – cont. Probabilistic considerations
Major contribution of PSA is identification of failure sequences that might be overlooked in DSA. Level 1 – CDF; Level 2 – containment performance; Level 3 – potential dose to the population. Qualitative outputs show weakness in design and operation. Quantitative outputs allow comparison with safety targets. The major contribution of probabilistic analyses in complementing deterministic safety analysis is the identification of failure sequences that otherwise might be overlooked. It is a structured approach that includes Level 1, which calculates the conditional core damage frequency, Level 2, which deals with the containment performance, and Level 3, which calculates the potential doses to the population. It provides both qualitative and quantitative outputs. Qualitative outputs would show weaknesses in the design or operation, whereas the quantitative results allow for comparison with the established safety targets. As with all other methodologies, it is important to assure a high quality of performed analyses if results are to be used in the decision making process. Much more detail on PSA can be found in Module VII.

26 Integration of PSA and DSA

27 QUESTIONS Historically, which type of safety analysis was used for the design of NPPs? Which questions does PSA aim to answer? Define design extension conditions. Name some advantages of DSA. Name some limitations of DSA. Name some advantages of PSA. Name some limitations of PSA.

28 QUESTIONS – cont. Describe the basic principle of the dose/frequency curve (no need to provide numbers). What are the safety goals for CDF and LERF for existing and for new nuclear power plants? Describe the basic principles of IRIDM. Which elements need to be considered when performing the IRIDM process? What are the advantages of using the IRIDM process? The views expressed in this document do not necessarily reflect the views of the European Commission.

