Card Set Information
What are the two PRA risk metrics/measures?
CDF - Core Damage Frequency
LERF - Large Early Release Frequency
Explain the Level I PRA model.
: Core Damage
All sources result in core damage (internal, fire, seismic, severe weather, flood, etc.)
PV - Partial level I model (internal fire)
What is the Baseline CDF for PV?
Baseline: 2.3E-6 (2.3 per 1,000,000 years)
Explain the Level II PRA model.
: Containment Response to Core Damage
-Large early release and large late release
-PVNGS has complete Level II model
What is the baseline for a Level II event?
: 5E-7 (5 per 10,000,000 years)
10 times less likely than a level 1 event.
Explain the Level III PRA model.
: Assesses damages after Level II event
- PVNGS does not maintain a level 3 model
What is the definition of CDF?
: Core Damage Frequency
Probability that core damage will happen in a year.
What is core damage?
The uncovery and heat up of the reactor core to which fuel and clad damage is anticipated.
What is the definition of LERF?
: Large early release frequency. Probability that there will be a large early release in a year.
Large Early Release
: rapid, unmitigated release of airborne fission products from the containment to the response and protective actions.
**LERF CAN ONLY OCCUR IF THERE HAS BEEN CORE DAMAGE**
What constitutes 'early'?
General emergency procedures not enacted in time (about 2.5 hours after a general emergency is declared)
What is meant by 'large'?
Much larger than 10 CFR 100 limits
Causes death (early fatality)
What is considered a lethal dose of radiation?
What two topics are covered in the E-Plan to serve in protecting the public in an emergency?
Explain the difference between probability and frequency.
: measure of the likely hood that an event will occur
: measurement of the number of occurrences of a repeating event per unit time
Where does PRA get data from?
How is PRA able to use other data as well as PV data to get an accurate risk assessment?
As more plant-specific data comes available, its is weighted heavier than indusry data
Define a basic event.
Stop at failure mode level
Use values from industry
Incorporates all failure mechanisms into value
Define an undeveloped basic event.
More than one failure mode
More than 1 component Fault Tree
How are basic events and undeveloped events noted on the fault tree?
- Undeveloped Event
- Basic Event
What is the advantage of having rare events in modeling? Give Examples.
Failure probabilities are small for rare events (~1/100)
Failure for Non-rare events >1
System Failure OR gate --> System Success AND gate (Failure modeled as success, 1-success=failure)
**Risk spectrum ALWAYS negates when doing fault tree calculations**
Why do we rely on fault trees as opposed to success trees?
Equipment designed to be dependable
Success probabilities - huge, would complicate calculations
Failure calculations - simpler; because failures are considered rare events
Does PRA group components? If so, how?
Yes; grouped based on common parameters
How are the ~3500 components combined into 200-250 parameters?
: FO, FC, Spurious Closure (SC)
: FR, FS
: FO, FC, Spurious Transfer (T)
Where at PVNGS would plant-specific data be obtained?
CORA, IPDAS, EPIX, from INPO
Describe a fault tree, the building blocks, and what they calculate.
Maps out a system and components to show failure methods
Components, AND gates, OR gates, type of event
Probability of failure of a component
Draw a system and its corresponding fault tree.
What is a common cause failure?
Failure of two or more components
During a short period of time
Result of a single shared cause
Where in the RWT fault tree would a common cause failure be placed?
Under both trains
Under the OR gate for SI failure
Draw an event tree.
Describe Initiating Event
Any event, internal or external, which perturbs the steady state of the reactor
: Something that trips the reactor and is teamed up with a failure
Always comes first in an event tree
Represented as frequency (events/reactor-yr)
Describe a mitigating function event.
Function or system challenged by IE where failure may lead to negaive consequence
Proceeds in a functional or chronological order
Typically linked to a fault tree
Have a probability associated with their success/failure
Analyzed outcomes/results (CDF, and LERF)
Can also link to additional event trees
Represents frequency obtained by multiplying the initiating event frequency by all of the MFE probabilities along its sequence
The path which an event is successfully or unsuccessfully mitigated by function events ending in consequence
Can be described in cut-set form as well
What is an event that ends in a negative consequence called?
What indicates a success on an Event Tree? Failure?
: Move Up
: Move Down
Describe ways to improve the reliability of a system.
Reduce common causes (diversity) and incorporate redundant systems (such as multiple trains)
What things do you need to know to solve a PRA model?
Describe where data comes from and where it is used in the PRA.
Data comes from industry data
Incorporates all failure mechanisms into the value
Used in basic events modeled in a fault tree
Explain the ET structure.
How many event trees exist in PRA?
Not sure of exact number, but in the order of...
100's for fires
100's for floods
What should be considered in the development of every event tree?
The 8 critical safety functions on page 19 of standards and expectations
Describe how function events are derived at PVNGS. HINT: how are the order of event tree headings decided
Emergency Operations Procedures
Describe what consequences are of importance.
Large Early Release
What are the two types of HRAs?
Describe a post-initiator action.
Human errors during a response to abnormal plant conditions;
1) Error of Omission
: missing a step in a procedure
2) Error of Commission
: operating the wrong equipment
Describe a Pre-initiator action.
human errors performed prior to the initiation of an accident (failure to restore after maintenance)
**Famous Pre-Initiator - TMI - Maintenance did not restore valve**
Describe what affects the probability of HRAs.
: amount of time required given an available time window
Type of Action
: skill based, rule based, error based
: smoke, steam, etc. can influence the successful completion of an action
Describe the failure probability of skill versus rule versus knowledge based actions and which plant staff generally performs each type.
Skill = 1/1000 (Craft)
Rule = 1/100 (Operators)
Knowledge = 1/10 (Engineers)
How do we calculate HRAs?
-Timelines (decision trees)
-Cognitive errors (undersanding)
-Execution errors (action)
Draw the post-initiators timeline.
Median Response Time
Describe what tools are available to everyone onsite which help in human performance.
Standards and Expectations
Describe importance analysis.
A means of determining an event or piece of equipment's importance wrt the rest of the plant.
Why is importance analysis performed?
: Determine what is important
: Focus resources accordingly
What are the two key measures of importance.
: Risk Achievement Worth
Risk Assessment Worth
Multiplicative increase in risk assuming the SSC is always failed -> Probability = 1
RAW = CDF1/CDFb >1
*RAW can never be <1*
*Only 1 component taken out at a time*
Fractional reduction in risk assuming SSC is perfect -> Probability=0
Component is made perfect/always available in fault tree
FV = (CDFb-CDF0)/CDFb <<1
What programs on site use importance analysis?
What two things influence importance?
: How likely its needed
: How many other ways the same function can be performed
What does PRA provide to the site which aids in determining what systems, components, and initiators are of risk significance?
What is MAAP? What does it calculate?
Modular Accident Analysis Program
Measures radionuclides and T-H properties to determine the effects of degraded equipment
Gives realistic time frame of effects
What makes the MAAP4 code a plant-specific code?
The input file - plant specific parameters and operational data
Has capability of measuring radionuclides
What is meant by THERMAL and HYDRAULIC in regards to calculations?
: temp values, heat removal, pressure
: flow rates and properties of fluids
How does the PRA model benefit from MAAP code applications?
Gives realistic time framethat equipment can be degraded (degradation limits)
How can MAAP be used to determine success?
Determines if task can be completed in the alotted time
Determines degradations limits in association with success
Timings go into HRA calculations and to operations
What is the difference between realistic and conservative?
: Real life time and plant conditions
: built in margins
Why do we perform
risk assessments? Why do we perform
M-Rule - ITS THE LAW!
NRC said licensee shall asses and manage risk!
What things need to be known to asses shutdown risk?
State of the plant
Safety function of concern
SSC's available to support safety function
How are online risk assessments performed prior to maintenance?
Abstract model used calculate a quantitative measure of risk
What are the different levels of risk?
What results does the user get from EOOs?
CDF and LERF risk ratio = (CDF or LERF for plant with unavailable equipment)/(plant risk with no equipment out of service)
Why do we perform risk assessments?
Describe the 3 elements of a program that comply with 10 CFR 50.65 paragraph a(4).
Describe the output of an online risk assessment - where is it found and what information is given.
EOOS Scheduler's Screen Risk Profile
: Contains CDF and LERF Profiles, work activities driving risk, and reason(s) why risk is greater than green.
Describe how outage risk assessments are performed.
Using defense in depth methodology - qualitative measure of risk
CDF and LERF is not calculated
Describe what the outage risk is based upon.
Number of available success paths for defense in depth of the key safety functions.
N+1 methodology, unless it is a high risk evolution, in which case N+2
Explain N+1 methodology
: > 2 available success paths
: 2 available
: 1 available
: 0 available
Explain N+2 methodology
: > 3 available success paths
: 3 available
: 2 available
: 0-1 available
What is a high risk evolution?
outage activity or plant condition where plant is more susceptible to an event causing the loss of a key safety function.
Describe the output of an outage risk assessment - where is it found and what information is given.
Current Outage RMAL
: Daily Outage Newsletter
: Daily Outage Newsletter
: V Drive and Distributed to Operations
Shiftly SSFA Sheets
: Stored on V Drive
PARAGON Risk Profile
: Outage Control Center
What are the mandatory PRA applications at PVNGS?
Maintenance Rule (a) 1-4
Mitigating System Performance Index (MSPI)
Significance Determination Process (SDP)
Describe the Maintenance Rule.
10 CFR 50.65
: Assess, Aware, Action
1) Monitor the performance or condition of SSCs where safety is important
2) Assess and manage the increase in risk associated with maintenance activities
What is the purpose of the MSPI.
To monitor the performance of selected systems based on their ability to mitigate plant transients and reactor accidents.
What tyes of risks does MSPI monitor?
Risk Due to Unavailabiliy
: train level
Risk due to Unreliability
: component level
MSPI = UAI+URI
How does MSPI differ from the maintenance rule?
MSPI specifically for systems when reactor is critical
Characterizes Safety Significance of Inspection Findings
Defines Level of NRC Engagement
SDP = risk insight + performance indicator results
Applied to all 7 safety cornerstones
90 day goal to complete SDP process
What are the voluntary PRA applications at PVNGS?
Tech Spec Changes:
In-service Inspections (ISI)
Allowed Outage Time Extensions
Reflect Improved Design Features
Reduce Unnecessary Burdens
Describe SR 3.0.3.
Establish flexibility to defer equipment to inoperable when surveillance has not been completed in time
Risk Impact Evaluation - Justification for missed surveillance
Risk Measures Related to CDF and LERF
Describe an NOED.
Notice of Enforcement Discretion
NRC's approval which allows plant to operate outside of the license for temporary amount of time
Demonstrate that there is "no net increase in radiological risk to the public"
Use 0 maintenance PRA model
Describe MOV/AOV programs.
Assess risk significance of importance of each valve's contribution to mitigating events.
Describe ISI programs.
Risk Informed In-Service Inspections
Identify risk important piping systems (welds and pipes)
What are the QA requirements pertaining to PRA?
Lifetime Plant Records
What kinds of things can cause the PRA model to need to be changed?
Explain risk-based decisions.
Only uses PRA results/insights
Not allowed by NRC
Explain risk-informed decisions.
PRA results and insights
Defense in Depth evaluation
Safety Margin Evaluation
What are the titles of the two regulatory approaches to PRA quality?
: "An approach for Using Probabilistic Risk Assessment in Risk-Informed Decisions on Plant Specific Changes to the Licensing Basis"
: "An Approach for Determining the Technical Adequacy of Probabilistic Risk Assessment Results for Risk Informed Activities
Summarize RG 1.174
Recommendations for using risk information in support of LB changes
Defines risk informed (Defense in-depth +Safety Margin + PRA Input)
General requirements for QA program as applied to PRA analyses
Establish specific technical requirements
Endorse Industry Standards
Assess the Technical Adequacy