One of the main requirements for ensuring a high level of safety and economic efficiency of nuclear power units at all stages of the life cycle - designing new ones, operating existing power units and decommissioning them - is a probabilistic safety analysis of nuclear power units. The most widely used method for probabilistic safety analysis is the fault tree method. NPP power units are a complex system consisting of a large number of units of equipment, systems and units that are interconnected functionally and affect each other. In addition, to increase the adequacy of the developed probabilistic model of a power unit, it is necessary to take into account equipment failures for general reasons and the human factor. The resulting in-depth probabilistic models of power units can contain tens of thousands of fault trees and, as a result, hundreds or more of thousands of minimum sections and require lengthy calculations to obtain acceptable accuracy of the results. This complicates the application of this method, especially when monitoring risk in real time, when it is necessary to promptly make changes to the model and assess the impact of these changes on the current risk. The novelty of the project is the use of a modified modularization method, which significantly accelerates the generation of many minimal sections.
Probabilistic safety analysis of a nuclear power plant (PSA)
is a system safety analysis of a nuclear power plant unit, during
which probabilistic models are developed and probabilistic
safety indicators are determined, and the results of which are
used for qualitative and quantitative assessments of the level of
safety of a nuclear power plant unit and development of decisions
during design and operation unit of a nuclear power plant [
The main requirements for the implementation of PSA are
given in [
A detailed description of the «Risk» and
«RISKSPECTRUM» Software tools is given, respectively, in [
To determine the unavailability of primary events in the PSA model development, probabilistic reliability models of elements of the following types are used: constantly monitored, restored element (type 1), periodically checked item (type 2), an element with constant unavailability over time, characterized by a refusal of a requirement (type 3), element with a fixed working time (type 4), an event characterized by a constant frequency (type 5), non-recoverable item (type 6).
Table 1 shows the parameters used as input data, and the corresponding parameters of the formulas used to calculate the unavailability of elements.
Formula Options
Q λ F W µ TR TI TF TM
1. Constantly monitored, restored element (type 1). Unavailability Q (t) of this type element is calculated by the formula ( ) = − + ( λ ) · (1 − −( + ) ).
+ (1)
Optional parameters: q. 2. Periodically checked item (type 2) Required Parameters: λ, TI(r,TI).
Optional parameters: q, TR, TF.
The required parameters characterize the traditional model of a periodically controlled element. For such model, the unavailability of this type element Q(t) is calculated by the formula
( ) = 1 − −λ( − ), TI = 0, , 2 , … (2) 3. An element with constant unavailability over time, characterized by a refusal of a requirement (type 3). This is the simplest and most frequently used model, using the only q parameter - the probability of the request failure. In this case, the formulas are used
( ) = , = , W(t)=0. (4) 4. Element with a fixed working time (type 4) Required Parameters: λ, TM.
Optional parameter: q.
The following formulas are used
( ) = + 1 − −λ , = + 1 − −λ , ( ) = 0. (5) 5. An event characterized by a constant frequency (type 5). This model is used when the event is well described by the Poisson process, i.e. when events occur at a constant frequency. In this case, the only parameter f.
( ) = 0, = 0, W(t)=f. (6) 6. Non-recoverable item (type 6).
Required Parameter: λ(r).
Optional parameter: q.
( ) = + 1 − −λ , W(t) = λ(1-Q( )). (7)
For each calculation option, an analysis of the minimum cross sections is carried out.
The uncertainty analysis is carried out in addition to the point estimate obtained in the analysis of the minimum cross sections. The uncertainty analysis is based on a simple version of the Monte Carlo method.
The parameters of the reliability models of primary events have their own (regardless of primary events) record in which the developer sets a point (average) value of the reliability parameter and, if the uncertainty of the parameter is taken into account, the distribution of uncertainty. Distributions are used such as: Lognormal – fig. 1; Gamma – fig. 2; Beta – fig. 3; Normal – fig. 4;
1. Logical operator «OR». In terms of fault trees, such a structure corresponds to logic of the «OR» type, i.e. at least one input event occurs (Fig. 8). In mathematical expressions, the operator «OR» is indicated by the symbol «« or the sign «+».
According to the formula of total probability, the probability of the event AB (P(AB)) will be equal to:
( ) = ( ) + ( ) − ( ). (8) 2. Logical operator «AND». In terms of fault trees, such a structure corresponds to logic of the «AND» type, i.e. all input events occur (Fig. 9). In mathematical expressions, the operator «AND» is indicated by the symbol «» or the sign «».
By the multiplication theorem, the probability of the event AB (P(AB)) will be equal to:
( ) = ( ) ∙ ( ). (9) 3. Logical operator «K from N» (K / N). For such a system, the failure criterion is the failure of any K elements from N (for example, two elements from three). In this case, a logical operator of type K / N is used in the fault tree (Fig. 10).
According to the formula of total probability and the multiplication theorem, the probability of the event ABC (P(ABC)) will be equal to:
( ) = ( ) + ( ) + ( ) − ( ) − ( ) − ( ) − ( ). (10) 4. Logical operator «NOR». In terms of fault trees, such a structure corresponds to the logic of the «Not OR» type, i.e. denial of OR or none of the events occur (Fig. 11).
According to the formula of total probability and the multiplication theorem, the probability of the event AB (P(AB)) will be equal to:
According to the multiplication theorem, the probability of the event (P( )) will be equal to
( ) = (1 − ( )) ∙ (1 − ( )). (11) 5. Logical operator NAND. In terms of fault trees, this structure corresponds to the logic of the «Not and» (NAND) type, i.e. denial of AND or not all events occur (Fig. 12).
Fig. 12. Example of a fault tree with the logical operator «NAND»
According to the formula of total probability, the probability of the event (P( )) will be equal to:
( ) = ( ) + ( ) − ( ). (12) 6. Logical operator XOR. In terms of fault trees, this structure corresponds to the logic of the type «OR only» (XOR), i.e. strictly one of the input events occurs (with the exception of the OR operator) (Fig. 13).
Fig. 13. Example of a fault tree with the logical operator «XOR»
According to the formula of total probability and the multiplication theorem, the probability of the event AB (P(AB)) will be equal to: ( ) = ( ) ∙ (1 − ( )) + (1 − ( )) ∙ ( ) −
−((1 − ( )) ∙ (1 − ( )). (13) 7. Logical operator XAND. In terms of fault trees, such a structure corresponds to the logic of the «And Only» (XAND) type, i.e. exactly one event does not occur (Fig. 14). ) = ( ) ∙ ( ) + ( ( ) ∙ (1 − ( ))) + +((1 − ( )) ∙ ( ) − ( ). (14) 8. Logical operator NXOR. In terms of fault trees, such a structure corresponds to the logic of the «NON-EXCLUSIVE OR» (NXOR) type, i.e. no event takes place (denial of XOR) (Fig. 15).
Fig. 15. Example of a fault tree with the logical operator «NXOR»
According to the formula of total probability and the multiplication theorem, the probability of the event AB (P(AB)) will be equal to: ( ) = (1 − ( )) ∙ ( ) + ( ( ) ∙ (1 − ( ))) − ( ). (15) 9. Logical operator NXAND. In terms of fault trees, such a structure corresponds to the logic of the type «NONEXCLUSIVE AND» (NXAND), i.e. only one event is realized (negation of XAND) (Fig. 16).
According to the formula of total probability and the multiplication theorem, the probability of the event AB (P(AB)) will be equal to: ( ) = (1 − ( )) + (1 − ( )) ∙ (1 − ( )) + + ( )) ∙ (1 − ( )) + ( ) − ( ). (16) 10. Logical operator NOT. NOT - the operator «NOT» (ie, the negation operator) (Fig. 17).
An example of a fault tree is shown in Fig. 18. Comparative results and calculation results are given in tables 2-4 and in fig. 19-21. Fig. 20. Consequences. Event frequency Top event ALOCA-02 ALOCA-03 ALOCA-04 F-EC001-01 F-EC001-06 F-EC001-08 F-EC001-09 F-EC001-10 F-RB001-06 F-RB001-08 F-RB001-09 F-RB001-10 F-RB002-06 F-RB002-09 F-RB002-10 TRANS-04 TRANS-05 TRANS-06 TRANS-08 TRANS-09 TRANS-10
In this article, a comparative calculation of the probabilistic
analysis of safety and reliability using the RISK [
The sets of minimum sections completely coincided for all fault trees. The probabilities of all the corresponding minimal cross sections also coincided.
In accordance with [
To significantly reduce the calculation time of existing and developed codes and to increase the accuracy of probabilistic safety assessments, including when monitoring the safety of the current state of the power unit in real time (risk monitoring), it is necessary to develop methods and algorithms that accelerate the process of constructing a set of minimum sections for assessing the reliability and safety parameters of complex probabilistic models of nuclear power plants with a large number of fault trees. 7.
The study was carried out within the framework of grants 19-0700455, 20-07-00577 and 17-07-01475. 8.