ÚJV Řež, a. s.

Use of PRA/PSA Risk

Insights for Operations

and Maintenance

Jiří Sedlák

ASME

Nuclear Codes & Standards Workshop

Prague, Czech Republic

8.7.2014

Probabilistic Safety Assessment - PSA

PSA provides important safety insights in addition to those provided

by deterministic analysis. PSA provides a methodological approach

to identifying accident sequences that can follow from a broad range

of initiating events and it includes a systematic and realistic

determination of accident frequencies and consequences.

Three levels of PSA generally consists of:Level 1 PSA, the design and operation of the plant are analysed in order to identify the

sequences of events that can lead to core damage and the core damage frequency is

estimated.

Level 2 PSA, the chronological progression of core damage sequences identified in

Level 1 PSA is evaluated, including a quantitative assessment of phenomena arising

from severe damage to reactor fuel.

Level 3 PSA, public health and other societal consequences are estimated, such as the

contamination of land or food from the accident sequences that lead to a release of

radioactivity to the environment. /IAEA SSG-3 – shortened/

Risk Informed Decision Making - RIDM

IAEA SSG-3 (Development and Application of Level 1

Probabilistic Safety Assessment for Nuclear Power Plants):

„The PSA should be used during the lifetime of the plant to provide

an input into decision making in combination with the results and

insights of deterministic safety analyses and considerations of

defence in depth.“

PSA can provide useful insights and inputs for various interested parties, such as plant

staff (management and engineering, operations and maintenance personnel), regulatory

bodies, designers and vendors, for making decisions on:

(a) Design modifications and plant modifications;

(b) Optimization of plant operation and maintenance;

(c) Safety analysis and research programmes;

(d) Regulatory issues.

2

RIDM requirements on PSA

For reasonable RIDM is necessary:

sufficient scope (completeness) of PSA

comprehensive set of internal initiating events

all appropriate modes of operation of the plant

internal hazards and natural and human induced external hazards

sufficient level of detail

balance between conservative and best estimate approach

up-to-date model - Living PSA

3

Risk Informed Approach

Risk Informed Decision Making (RIDM) utilize different PSA

tools (applications), e.g.:

Risk Informed Technical Specifications

Risk Monitors

Risk Informed In-Service Inspection

Risk Informed In-Service Testing (Maintenance)

Graded Quality Assurance

PSA Based Safety Performance Indicators

PSA Based Event Analysis (Accident Sequence Precursors)

Risk Informed Regulations

4

Risk Informed Maintenance

Differs from RCM (Reliability Centred Maintenance)

Long-termmodification of maintenance plans (e.g. test frequency)

list of safety important equipment

modification of maintenance instructions

modification of Limits and Conditions for plant operation, maintenance and testing

In-line maintenance authorisation

Operativemodification of outage schedule

Limits and Conditions temporary relaxation

In-line maintenance risk follow-up

5

Risk Informed Maintenance example –

Risk Monitor (IAEA No. SSG-3)

Risk monitorreal time analysis tool that generates risk information based on the actual plant

configuration in terms of a number of factors that typically include:

the plant operational state,

the components that have been removed from service and

the choice of operating trains and standby trains for normally operating systems.

The information generated by the risk monitor can be used in day to

day maintenance planning to ensure that maintenance activities are

scheduled in such a way that high peaks in risk are avoided

wherever possible and the cumulative, incremental, conditional core

damage probability of the plant is low.

6

Risk Monitoring at NPPs in Czech Republic

NPP Dukovanysoftware Safety Monitor 4.1

unit specific model

PSA Level1 (all power modes)

PSA Level 2 (selected power modes)

regular update to follow Living PSA (once per 1-2 years)

maintenance activity scheduling

operational risk profile evaluation

NPP Temelinsoftware Safety Monitor 4.1

PSA Level1 (selected power modes)

PSA Level 2 (selected power modes)

maintenance activity scheduling

operational risk profile evaluation

7

Safety Monitor – sample screen of hypothetical

mode

8

Safety Monitor

sample screen of schedule mode

9

Risk Informed Maintenance example –

Risk Informed In-Service Inspection (RS-ISI)

Traditional ISI requirements was looking for generic degradation

Degradation is typically not of a random occurrence

RI-ISI reflects recent developments in PSA technology, structural

reliability and operational experience

Aim:

to inspect the most risk important systems (or portions of systems,

e.g.. segments of pipework)

RI-ISI determines the risk significance of components and their

failure potential

RI-ISI allows to target plant resources to examine locations that are

truly risk significant and to improve plant reliability while radiation

doses to workers are kept ALARA

10

Risk Informed In-Service Inspection

UJV Experience

Pilot study of Low Pressure Emergency Core Cooling System of

WWER 1000 type (Temelin)

Pilot study results of Primary piping and Pressurizer surge line of

WWER 440 type NPP (Dukovany)

Pilot study of Steam and Feed Water lines of WWER 1000 type NPP

(Temelin)

Pilot study of Steam lines of WWER 1000 type NPP (Khmelnitsky

NPP (UA) – both in progress

All 4 Pilot studies based on the application of RI-ISI methodology of EPRI (report EPRI -

TR – 112657 Rev. B-A - Final Report, 1999)

11

Risk Informed Maintenance example –

Risk Informed In-Service Testing (RI-IST)

Aimto focus in-service testing programme on the components that have the highest risk

significance.

to reduce overall maintenance costs while still maintaining a very high level of safety.

RI-IST identify components with a relatively high safety significance

for which rigorous in-service testing is required and components with

a relatively low safety significance that are candidates for less

rigorous testing.

The in-service testing programme can then be adjusted, taking into

account the safety significance of particular components.

Level 1 PSA should be used to calculate the core damage frequency

for the new test intervals to justify their applicability

12

Risk Informed Approach example –

Graded Quality Assurance

The historical approach the same level of quality assurance to all safety related structures, systems and

components in the plant

PSA resultssome of the structures, systems and components that deterministically as not being

safety related have a relatively high risk significance and vice versa

Risk Based Graded QA reduced QA burdens including maintenance cost

level 1 PSA (CDF) important measures applied preferably at the level of safety functions

and safety systems

Both deterministic and probabilistic approach should be applied

together

13

Risk Informed Approach example –

PSA Based Event Analysis (ASP)

Operational feedback

operating events analysed using the PSA model complement the traditional deterministic

analysis

reduce the likelihood of recurrence of safety significant operating events

PSA Based Event Analysis

determine the risk significance of possible events and the contributors to the risk

initiating events and conditional events

rank events according to their significance

Not applicable for risk status trends identifications and plants

benchmarking

14

In-line Maintenance

Maintenance activity originally designed to be performed during

shutdown moved to normal (at-power) operation

Advantages of on-line maintenanceduring outages:

easier outage planning

better overview due to reduced work load

better work control by plant staff

availability of full fuel element cooling capabilities

during normal operation:

better control by plant staff due to reduced work load and less parallel work

use of the most experienced or appropriate plant staff or experienced vendor staff for

each task

easier planning

reduced probability of tagging errors

15

Risk Informed Approach example –

Risk Informed In-line Maintenance

RI approachto justify shift of particular maintenance activity from outage to at-power

it may require some compensatory measures, e.g. temporary or permanent additions

of mitigating systems, specific operational procedures etc.

to initiate maintenance activity shift due to lowering risk

In-line maintenance possibility depends on plant design, on especially the degree of

safety systems redundancy

Following items needed to be consideredTech specs affected.

Safety functions affected.

Deterministic and probabilistic (PSA) assessment of associated unavailability

Alternative systems to fulfil safety function(s) affected operability requirements

Simultaneous system inoperabilities forbidden, because of tech specs (SFC) or because

of causing high risk

Confirmation that trip probability is not increased, and review of ALARA criteria

16

17

Thank you for your

attention