presentation_1348891.. - Symbio News and Report

Transcription

Risk Monitor
Installation of GO-FLOW
into the risk monitor being developed at
Harbin Engineering University
September 1st. 2012
Takeshi MATSUOKA
Department of Mechanical systems engineering, Utsunomiya University
College of Nuclear Science and Technology, Harbin Engineering University
T.MATSUOKA, Utsunomiya University
Risk Monitor
Risk Monitor



Harbin Engineering University （HEU) is now developing
a risk monitor system.
The risk monitor provides a system stability overview and
details about events that impact reliability.
It calculates the stability index which shows the system
stability chart over the lifetime of the system.
Risk Monitor





IAEA’s definition
A plant specific real-time analysis tool used to determine the
instantaneous risk based on the actual status of the
systems and components.
At any given time, the Risk Monitor reflects the current plant
configuration in terms of the known status of the various
systems and/or components.
The Risk Monitor model is based on, and is consistent with,
the Living PSA.
It is updated with the same frequency as the Living PSA.
The Risk Monitor is used by the plant staff in support of
operational decisions.
Risk Monitor
“Risk” in Risk Monitor

“risk of core melt accident” (traditionally)
 The
risk monitor system at HEU deals with
the “risk” not by merely “core damage”,
but by the "radioactive materials" brought
by incidents or accidents.
Risk Monitor
Risk Monitor System at HED


“risk” by “core damage”,
+ by the "radioactive materials" brought by incidents
or accidents.
The basic configuration of the risk monitor system is
the two-layer system,
“plant DiD (Defense-in-Depth) risk monitor” and
“reliability monitor”
Risk Monitor
Risk monitor being developed at HEU
Risk Monitor
Plant DiD risk monitor


To know potential risk state caused by severe
accident phenomena to the plant system as a whole.
It can be used to conduct “mind thinking experiment”
on what risk will bring about in the plant if something
extraordinary situation happens.
Risk Monitor
Reliability Monitor
The “reliability monitor” is provided for the daily
monitoring of the reliability state of individual
subsystems.
 The reliability monitor systems may be installed either
on main control room or the maintainers’ handheld
computer at their workplace.
 Evaluate the risk of individual subsystems by utilizing
FMEA and GO-FLOW analysis to estimate dynamic
reliability.

Risk Monitor
The “Knowledge Base system” supports
“Reliability Monitor”
(i) Non-solid matter model of whole plant by revised
MFM,
(ii) Knowledge based solid matters models for
individual subsystems and equipments,
(iii) GO-FLOW Diagram and the related information for
individual subsystems,
(iv) FMEA table for individual subsystems.
Risk Monitor
Preconditions for the evaluation by the reliability
monitors (provided by DiD)
(i) Target subsystems,
(ii) Plant operation conditions and mode,
(iii) Types of accident initiators,
(iv) Common cause factors,
(v) Failure mechanism to be considered,
(vi) Failure data, etc.
Risk Monitor
The GO-FLOW Methodology




The GO-FLOW methodology is capable of evaluating
system reliability/availability.
Success-oriented system analysis techniques.
The GO-FLOW procedure uses a set of standardized
operators to describe logical operation, interaction, and
combination of physical equipment.
The modeling techniques produce charts which
represent the system engineering function.
GO-FLOW
The GO-FLOW Methodology (2)
The GO-FLOW chart (digraph) corresponds to the
physical layout of the system and is easy to
construct and validate,
 Alternations and updating of the GO-FLOW chart
are readily accomplished,
 GO-FLOW contains all possible system
operational states.

GO-FLOW
The GO-FLOW Methodology (3)
The GO-FLOW procedure uses a set of standardized
operators to describe the logical operation,
interaction, and combination of physical equipment.
 The connecting lines in the GO-FLOW chart are
called signal lines, which identify the inputs and
outputs to the operators.

GO-FLOW
Signal Line

It represents
Water flow in a pipe
Electricity
Demand signal
Information
Time duration as sub-input to operators 35, 37 and 38.

Existence of signal
Physical quantities （includes possibility）
Information or demand.
GO-FLOW
Type 21
Two-State Component
Type 25
Type 30
Type 39
Signal Generator
AND Gate
Opening and Closing Action
S
S1
S2
S
P1
AND
P2
R
R
Type 22
Type 26
Type 35
Normally Closed Valve
Failure of Light Bulb
OR Gate
R
Type 40
S
S1
R
Phased Mission Operator
S
S
S2
P
OR
P
R
R
Type 23
Type 27
Type 37
Normally Open Valve
Failure of Valve in Open State
NOT Gate
R
S
S
S
NOT
R
P
P
R
R
R
Type 24
Type 28
Type 38
Difference Operator
Delay Operator
Failure of Valve in Closed State
S
DIF
R
S
S
DLY
R
P
R
Standardized operators in the GO-FLOW
GO-FLOW
GO-FLOW Chart Editor and example of a chart
GO-FLOW
Analysis Function
Basic analysis
 Uncertainty analysis - Monte Carlo Method
 Common cause failure analysis – CCF Models
 Common cause failure analysis with uncertainty

GO-FLOW
(1) Phased Mission Problem
During the execution of the task, the system
configuration is altered such that the failure logic
model changes at one or more times.
Mission reliability is defined as the probability
that the system functions in successive phases.
GO-FLOW
 Therefore
it is necessary to calculate the
products of success probabilities among
different phases.
 In this case, it is necessary to treat correctly
the inclusion or exclusion relation between
the failures of shared components.
GO-FLOW
 Phased
Mission Operator
Intensity
1.0
S(t)
R(t)
ti
Phase
tj
TimePoints
GO-FLOW
(2) Common Cause Failure Analysis
Common cause failure (CCFs) have long been
recognized as an important issues in PSA.
 The high degree of reliability of safety systems in
nuclear power plants has been achieved through
the use of design principle of redundancy.
 Common cause failure arises from some common
cause that fails more than one system or more than
one train of a system, simultaneously.

GO-FLOW
Usually, there are more than one common causes, and
also there are many possible combinations of component
failures for a specific common cause.
 If all these failures are treated at the same time in a single
analysis model, the analysis becomes impractical.
 In this framework, each common cause is separately
evaluated and the total system unavailability is obtained
by summing up contribution from each CCF.

GO-FLOW
Procedure of the Common Cause Failure Analysis
(1) Construct the GO-FLOW chart, in which CCFs need not
be explicitly expressed.
(2) Identify the common cause failure component groups.
(3) Select the parametric model of common cause failure.
β-factor model, Multiple Greek letter model, Binomial
failure rate model, α-factor model.
(4) Give the estimated values for model parameter.
(5) Execute the GO-FLOW program with CCF function.
GO-FLOW
(3) Identification of minimal cut sets




Signal intensities, which are products of success
probabilities of components or basic events, contribute to
system function.
System states expressed in success probability are
converted into the expression in the failure probability.
Minimal Cut Sets (MCS), which are products of failure
probabilities of basic events, are obtained for designated
signal lines.
MCSs give the information which failures are major
contributors to total failure probability of a subsystem.
GO-FLOW
(4) Uncertainty analysis - Monte Carlo Method 

Give probabilistic distribution function for component failures.
PDF
Homogeneous distribution
Normal distribution
Log-normal distribution
Log-homogeneous distribution
Gamma distribution
Weibull distribution
Binomial distribution
Histogram distribution
GO-FLOW
(5) Aging and maintenance effects




In the GO-FLOW, probabilities and failure rates are not
implemented in situations where failure rate changes due
to aging effects.
Time-dependent availability of aging components is based
on the extended renewal equation.
The parameters of the aging model for each component
are based on the NUREG report .
By considering aging and maintenance effects,
degradation of system reliability can be shown in the
stability overview chart which may be provided in the risk
monitor system.
Risk Monitor
Interface between the GO-FLOW
and the risk monitor system
Key point of the development of the total system of
the risk monitor system.
 Also an interface between the reliability monitor and
operator is very important.
 With well designed interface, operator (=analyst)
can easily reflect the changes of plant conditions
to the evaluation of subsystems.

Risk Monitor
Fig. 3 Dynamic risk monitor as human interface
GO-FLOW
Integrated Analysis Framework




Evaluation of general Elevator systems by the GO-FLOW has
been performed.
In Japan, an elevator accident has occurred in 2006, and a
young high school student was killed.
After that, the safety of elevator systems becomes a social
attention.
An integrated and convenient analysis framework (ELSAT;
ELevator Safety Analysis Tool) has been developed by the
National Institute for Land and Infrastructure Management,
Ministry of Land, Infrastructure, Transport and Tourism
GO-FLOW
Analysis of large complicated system

Many information is inter-related each other.
Records of elevator accidents in the past,
detailed figures of mechanical structure of elevator,
control logic of elevator operation,
failure and maintenance data of components,
GO-FLOW model and its explanation,
analysis results,
improved system model corresponding GO-FLOW
model.
GO-FLOW
List of analysis models
GO-FLOW
Conclusions
A new method of risk monitor system of a nuclear power
plant has been proposed by Harbin Engineering
University.
 An important part of the risk monitor is monitoring the
dynamic reliability of subsystems, which will help the
plant operators to find the problems before real loss of
service appears during the plant operation.
 The GO-FLOW will be important part of the knowledge
base system of reliability monitor.

GO-FLOW

Conclusions(2)
The GO-FLOW has capability to treat following matters;
Phased mission problem,
Common cause failure,
Identification of MCSs,
Uncertainty analysis, and
Aging and maintenance effects.

Explanations were given for the installation of the GOFLOW into the reliability monitor of the risk monitor
being developed at HEU.

presentation_1348891.. - Symbio News and Report

Transcription

Similar documents

The Exterior and Interior Design of New Shinkansen Trains

Gunma Manufacturing Division

Mottos - Aurora Production

brochure - Angel Elevating Solutions

The Starrett-Lehigh Building 601 West 26th Street, New York, NY

cognition insert

Desoutter tools

Elevator Free Fall?