Type systems for distributed programs components and sessions

CERN Document Server

Dardha, Ornela

2016-01-01

In this book we develop powerful techniques based on formal methods for the verification of correctness, consistency and safety properties related to dynamic reconfiguration and communication in complex distributed systems. In particular, static analysis techniques based on types and type systems are an adequate methodology considering their success in guaranteeing not only basic safety properties, but also more sophisticated ones like deadlock or lock freedom in concurrent settings. The main contributions of this book are twofold. i) We design a type system for a concurrent object-oriented calculus to statically ensure consistency of dynamic reconfigurations. ii) We define an encoding of the session pi-calculus, which models communication in distributed systems, into the standard typed pi-calculus. We use this encoding to derive properties like type safety and progress in the session pi-calculus by exploiting the corresponding properties in the standard typed pi-calculus.

76 FR 22944 - Pipeline Safety: Notice of Public Webinars on Implementation of Distribution Integrity Management...

Science.gov (United States)

2011-04-25

... oversight program and operating conditions as well as the evolutionary process that distribution system... 20590. Hand Delivery: Docket Management System, Room W12-140, on the ground floor of the West Building... PHMSA-2011-0084] Pipeline Safety: Notice of Public Webinars on Implementation of Distribution Integrity...

[Monitoring microbiological safety of small systems of water distribution. Comparison of two sampling programs in a town in central Italy].

Science.gov (United States)

Papini, Paolo; Faustini, Annunziata; Manganello, Rosa; Borzacchi, Giancarlo; Spera, Domenico; Perucci, Carlo A

2005-01-01

To determine the frequency of sampling in small water distribution systems (distribution. We carried out two sampling programs to monitor the water distribution system in a town in Central Italy between July and September 1992; the Poisson distribution assumption implied 4 water samples, the assumption of negative binomial distribution implied 21 samples. Coliform organisms were used as indicators of water safety. The network consisted of two pipe rings and two wells fed by the same water source. The number of summer customers varied considerably from 3,000 to 20,000. The mean density was 2.33 coliforms/100 ml (sd= 5.29) for 21 samples and 3 coliforms/100 ml (sd= 6) for four samples. However the hypothesis of homogeneity was rejected (p-value samples (beta= 0.24) than with 21 (beta= 0.05). For this small network, determining the samples' size according to heterogeneity hypothesis strengthens the statement that water is drinkable compared with homogeneity assumption.

75 FR 5640 - Pipeline Safety: Implementation of Revised Incident/Accident Report Forms for Distribution...

Science.gov (United States)

2010-02-03

... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration [Docket No... Distribution Systems, Gas Transmission and Gathering Systems, and Hazardous Liquid Systems AGENCY: Pipeline and.... SUMMARY: This notice advises owners and operators of gas pipeline facilities and hazardous liquid pipeline...

Introducing RiskSOAP to communicate the distributed situation awareness of a system about safety issues: an application to a robotic system.

Science.gov (United States)

Chatzimichailidou, Maria Mikela; Dokas, Ioannis M

2016-03-01

This paper introduces the RiskSOAP ('RiskSOAP' is the abbreviation for Risk SituatiOn Awareness Provision.) indicator to measure the capability of a complex socio-technical system to provide its agents with situation awareness (SA) about the presence of its threats and vulnerabilities and enables analysts to assess distributed SA. The RiskSOAP methodology adopts a comparative approach between two design versions of a system differing in the elements and characteristics that can enhance or cause the degradation of the awareness provision capability. The methodology uniquely combines three methods: (1) the STPA hazard analysis, (2) the EWaSAP early warning sign identification approach, and (3) a dissimilarity measure for calculating the distance between binary sets. In this paper, the RiskSOAP methodology was applied to a robotic system and the findings show that the indicator is an objective measure for the system's capability to provide its agents with SA about its threats and vulnerabilities. Practitioner Summary: This paper suggests a novel methodology for assessing distributed situation awareness (DSA) regarding safety issues. Given that systems consist of specifications and components possible to be mapped, the risk SA provision capability (RiskSOAP) methodology demonstrates the feasibility of measuring to what extent systems' elements contribute to the emergence of DSA.

Improving food safety in the supply chain: Integrating traceability in production and distribution planning

DEFF Research Database (Denmark)

Grunow, Martin; Rong, Aiying; Akkerman, Renzo

2008-01-01

on production and distribution planning. Here, we develop a methodology for production and distribution planning in food supply chains which minimizes production and logistics costs and at the same time reduces food safety concerns, limits the size of potential recalls, and satisfies product quality...... with traceability from the viewpoint of information system development and technology development such as radio frequency identification (RFID) and DNA-based techniques. However, traceability and its implications for food safety are thus far not incorporated in the standard operations management literature...

Recent advances in systems safety and security

CERN Document Server

Stamatescu, Grigore

2016-01-01

This book represents a timely overview of advances in systems safety and security, based on selected, revised and extended contributions from the 2nd and 3rd editions of the International Workshop on Systems Safety and Security – IWSSS, held in 2014 and 2015, respectively, in Bucharest, Romania. It includes 14 chapters, co-authored by 34 researchers from 7 countries. The book provides an useful reference from both theoretical and applied perspectives in what concerns recent progress in this area of critical interest. Contributions, broadly grouped by core topic, address challenges related to information theoretic methods for assuring systems safety and security, cloud-based solutions, image processing approaches, distributed sensor networks and legal or risk analysis viewpoints. These are mostly accompanied by associated case studies providing additional practical value and underlying the broad relevance and impact of the field.

System safety education focused on flight safety

Science.gov (United States)

Holt, E.

1971-01-01

The measures necessary for achieving higher levels of system safety are analyzed with an eye toward maintaining the combat capability of the Air Force. Several education courses were provided for personnel involved in safety management. Data include: (1) Flight Safety Officer Course, (2) Advanced Safety Program Management, (3) Fundamentals of System Safety, and (4) Quantitative Methods of Safety Analysis.

Formal development and verification of a distributed railway control system

DEFF Research Database (Denmark)

Haxthausen, Anne Elisabeth; Peleska, J.

2000-01-01

specifications which are transformed into directly implementable distributed control processes by applying a series of refinement and verification steps. Concrete safety requirements are derived from an abstract version that can be easily validated with respect to soundness and completeness. Complexity......The authors introduce the concept for a distributed railway control system and present the specification and verification of the main algorithm used for safe distributed control. Our design and verification approach is based on the RAISE method, starting with highly abstract algebraic...... is further reduced by separating the system model into a domain model and a controller model. The domain model describes the physical system in absence of control and the controller model introduces the safety-related control mechanisms as a separate entity monitoring observables of the physical system...

Analyzing Software Errors in Safety-Critical Embedded Systems

Science.gov (United States)

Lutz, Robyn R.

1994-01-01

This paper analyzes the root causes of safty-related software faults identified as potentially hazardous to the system are distributed somewhat differently over the set of possible error causes than non-safety-related software faults.

DEALed : A tool suite for distributed real-time systems development

NARCIS (Netherlands)

Bolshakov, K.; Karpov, Y.; Sintotski, A.; Malyshkin, V.

1999-01-01

DEALed is a tool suite for development of distributed systems using DEAL language. DEAL is being developed at Eindhoven University of Technology as a part of DEDOS project. Area of application of the DEALed is the development of the distributed real- time safety-critical control systems.

Software Safety Risk in Legacy Safety-Critical Computer Systems

Science.gov (United States)

Hill, Janice L.; Baggs, Rhoda

2007-01-01

Safety Standards contain technical and process-oriented safety requirements. Technical requirements are those such as "must work" and "must not work" functions in the system. Process-Oriented requirements are software engineering and safety management process requirements. Address the system perspective and some cover just software in the system > NASA-STD-8719.13B Software Safety Standard is the current standard of interest. NASA programs/projects will have their own set of safety requirements derived from the standard. Safety Cases: a) Documented demonstration that a system complies with the specified safety requirements. b) Evidence is gathered on the integrity of the system and put forward as an argued case. [Gardener (ed.)] c) Problems occur when trying to meet safety standards, and thus make retrospective safety cases, in legacy safety-critical computer systems.

NASA System Safety Handbook. Volume 2: System Safety Concepts, Guidelines, and Implementation Examples

Science.gov (United States)

Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Feather, Martin; Rutledge, Peter; Sen, Dev; Youngblood, Robert

2015-01-01

This is the second of two volumes that collectively comprise the NASA System Safety Handbook. Volume 1 (NASASP-210-580) was prepared for the purpose of presenting the overall framework for System Safety and for providing the general concepts needed to implement the framework. Volume 2 provides guidance for implementing these concepts as an integral part of systems engineering and risk management. This guidance addresses the following functional areas: 1.The development of objectives that collectively define adequate safety for a system, and the safety requirements derived from these objectives that are levied on the system. 2.The conduct of system safety activities, performed to meet the safety requirements, with specific emphasis on the conduct of integrated safety analysis (ISA) as a fundamental means by which systems engineering and risk management decisions are risk-informed. 3.The development of a risk-informed safety case (RISC) at major milestone reviews to argue that the systems safety objectives are satisfied (and therefore that the system is adequately safe). 4.The evaluation of the RISC (including supporting evidence) using a defined set of evaluation criteria, to assess the veracity of the claims made therein in order to support risk acceptance decisions.

A large waterborne outbreak of campylobacteriosis in Norway: The need to focus on distribution system safety

Directory of Open Access Journals (Sweden)

Lund Helge

2008-09-01

of water distribution systems. Good quality source water alone is not enough to ensure water safety. For a better risk management, more focus should be put on the distribution system security. Waterworks personnel should monitor the pressure regularly; reduce the leakage by upgrading the distribution network and use chlorination when conducting maintenance work.

75 FR 13342 - Pipeline Safety: Workshop on Distribution Pipeline Construction

Science.gov (United States)

2010-03-19

... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration [Docket ID... natural gas distribution construction. Natural gas distribution pipelines are subject to a unique subset... distribution pipeline construction practices. This workshop will focus solely on natural gas distribution...

Distributed Space System Technology Demonstrations with the Emerald Nanosatellite

Science.gov (United States)

Twiggs, Robert

2002-01-01

A viewgraph presentation of Distributed Space System Technologies utilizing the Emerald Nanosatellite is shown. The topics include: 1) Structure Assembly; 2) Emerald Mission; 3) Payload and Mission Operations; 4) System and Subsystem Description; and 5) Safety Integration and Testing.

Modeling of the Operating Information for System of Logistical Support of the Hardware-software Means of Safety of the Distributed Systems for Data Processing

Directory of Open Access Journals (Sweden)

A. A. Durakovsky

2010-03-01

Full Text Available The technique of information modeling of processes and procedures making them by preparation of the operating information for system of logistical support of technological processes of operation and service of hardware-software means of safety of the distributed systems of data processing is offered. Procedures of preparation of the operating information for the system of logistical support of APSOB РСОД concern: working out and formalization of algorithm of functioning; construction of model of the functioning, allowing to calculate degree of risk of operation; decomposition of model and classification of its objects for the purpose of the unequivocal description of all elements of the operating information and mutual coordination of relations between information units.

Reactor safety systems

International Nuclear Information System (INIS)

Kafka, P.

1975-01-01

The spectrum of possible accidents may become characterized by the 'maximum credible accident', which will/will not happen. Similary, the performance of safety systems in a multitude of situations is sometimes simplified to 'the emergency system will/will not work' or even 'reactors are/ are not safe'. In assessing safety, one must avoid this fallacy of reducing a complicated situation to the simple black-and-white picture of yes/no. Similarly, there is a natural tendency continually to improve the safety of a system to assure that it is 'safe enough'. Any system can be made safer and there is usually some additional cost. It is important to balance the increased safety against the increased costs. (orig.) [de

Design optimization for security-and safety-critical distributed real-time applications

DEFF Research Database (Denmark)

Jiang, Wei; Pop, Paul; Jiang, Ke

2016-01-01

requirements on confidentiality of messages, task replication is used to enhance system reliability, and dynamic voltage and frequency scaling is used for energy efficiency of tasks. It is challenging to address these factors simultaneously, e.g., better security protections need more computing resources......In this paper, we are interested in the design of real-time applications with security, safety, timing, and energy requirements. The applications are scheduled with cyclic scheduling, and are mapped on distributed heterogeneous architectures. Cryptographic services are deployed to satisfy security...... and consume more energy, while lower voltages and frequencies may impair schedulability and security, and also lead to reliability degradation. We introduce a vulnerability based method to quantify the security performance of communications on distributed systems. We then focus on determining the appropriate...

Reactor system safety assurance

International Nuclear Information System (INIS)

Mattson, R.J.

1984-01-01

The philosophy of reactor safety is that design should follow established and conservative engineering practices, there should be safety margins in all modes of plant operation, special systems should be provided for accidents, and safety systems should have redundant components. This philosophy provides ''defense in depth.'' Additionally, the safety of nuclear power plants relies on ''safety systems'' to assure acceptable response to design basis events. Operating experience has shown the need to study plant response to more frequent upset conditions and to account for the influence of operators and non-safety systems on overall performance. Defense in depth is being supplemented by risk and reliability assessment

Distributed System Design Checklist

Science.gov (United States)

Hall, Brendan; Driscoll, Kevin

2014-01-01

This report describes a design checklist targeted to fault-tolerant distributed electronic systems. Many of the questions and discussions in this checklist may be generally applicable to the development of any safety-critical system. However, the primary focus of this report covers the issues relating to distributed electronic system design. The questions that comprise this design checklist were created with the intent to stimulate system designers' thought processes in a way that hopefully helps them to establish a broader perspective from which they can assess the system's dependability and fault-tolerance mechanisms. While best effort was expended to make this checklist as comprehensive as possible, it is not (and cannot be) complete. Instead, we expect that this list of questions and the associated rationale for the questions will continue to evolve as lessons are learned and further knowledge is established. In this regard, it is our intent to post the questions of this checklist on a suitable public web-forum, such as the NASA DASHLink AFCS repository. From there, we hope that it can be updated, extended, and maintained after our initial research has been completed.

Digital Signal Processing for In-Vehicle Systems and Safety

CERN Document Server

Boyraz, Pinar; Takeda, Kazuya; Abut, Hüseyin

2012-01-01

Compiled from papers of the 4th Biennial Workshop on DSP (Digital Signal Processing) for In-Vehicle Systems and Safety this edited collection features world-class experts from diverse fields focusing on integrating smart in-vehicle systems with human factors to enhance safety in automobiles. Digital Signal Processing for In-Vehicle Systems and Safety presents new approaches on how to reduce driver inattention and prevent road accidents. The material addresses DSP technologies in adaptive automobiles, in-vehicle dialogue systems, human machine interfaces, video and audio processing, and in-vehicle speech systems. The volume also features: Recent advances in Smart-Car technology – vehicles that take into account and conform to the driver Driver-vehicle interfaces that take into account the driving task and cognitive load of the driver Best practices for In-Vehicle Corpus Development and distribution Information on multi-sensor analysis and fusion techniques for robust driver monitoring and driver recognition ...

Safety system status monitoring

International Nuclear Information System (INIS)

Lewis, J.R.; Morgenstern, M.H.; Rideout, T.H.; Cowley, P.J.

1984-03-01

The Pacific Northwest Laboratory has studied the safety aspects of monitoring the preoperational status of safety systems in nuclear power plants. The goals of the study were to assess for the NRC the effectiveness of current monitoring systems and procedures, to develop near-term guidelines for reducing human errors associated with monitoring safety system status, and to recommend a regulatory position on this issue. A review of safety system status monitoring practices indicated that current systems and procedures do not adequately aid control room operators in monitoring safety system status. This is true even of some systems and procedures installed to meet existing regulatory guidelines (Regulatory Guide 1.47). In consequence, this report suggests acceptance criteria for meeting the functional requirements of an adequate system for monitoring safety system status. Also suggested are near-term guidelines that could reduce the likelihood of human errors in specific, high-priority status monitoring tasks. It is recommended that (1) Regulatory Guide 1.47 be revised to address these acceptance criteria, and (2) the revised Regulatory Guide 1.47 be applied to all plants, including those built since the issuance of the original Regulatory Guide

Safety system status monitoring

Energy Technology Data Exchange (ETDEWEB)

Lewis, J.R.; Morgenstern, M.H.; Rideout, T.H.; Cowley, P.J.

1984-03-01

The Pacific Northwest Laboratory has studied the safety aspects of monitoring the preoperational status of safety systems in nuclear power plants. The goals of the study were to assess for the NRC the effectiveness of current monitoring systems and procedures, to develop near-term guidelines for reducing human errors associated with monitoring safety system status, and to recommend a regulatory position on this issue. A review of safety system status monitoring practices indicated that current systems and procedures do not adequately aid control room operators in monitoring safety system status. This is true even of some systems and procedures installed to meet existing regulatory guidelines (Regulatory Guide 1.47). In consequence, this report suggests acceptance criteria for meeting the functional requirements of an adequate system for monitoring safety system status. Also suggested are near-term guidelines that could reduce the likelihood of human errors in specific, high-priority status monitoring tasks. It is recommended that (1) Regulatory Guide 1.47 be revised to address these acceptance criteria, and (2) the revised Regulatory Guide 1.47 be applied to all plants, including those built since the issuance of the original Regulatory Guide.

Safety assessment of envisaged systems for automotive hydrogen supply and utilization

Energy Technology Data Exchange (ETDEWEB)

Landucci, Gabriele [Dipartimento di Ingegneria Chimica, Chimica Industriale e Scienza dei Materiali, Universita di Pisa, via Diotisalvi n.2, 56126 Pisa (Italy); Tugnoli, Alessandro; Cozzani, Valerio [Dipartimento di Ingegneria Chimica, Mineraria e delle Tecnologie Ambientali, Alma Mater Studiorum - Universita di Bologna, via Terracini n.28, 40131 Bologna (Italy)

2010-02-15

A novel consequence-based approach was applied to the inherent safety assessment of the envisaged hydrogen production, distribution and utilization systems, in the perspective of the widespread hydrogen utilization as a vehicle fuel. Alternative scenarios were assessed for the hydrogen system chain from large scale production to final utilization. Hydrogen transportation and delivery was included in the analysis. The inherent safety fingerprint of each system was quantified by a set of Key Performance Indicators (KPIs). Rules for KPIs aggregation were considered for the overall assessment of the system chains. The final utilization stage resulted by large the more important for the overall expected safety performance of the system. Thus, comparison was carried out with technologies proposed for the use of other low emission fuels, as LPG and natural gas. The hazards of compressed hydrogen-fueled vehicles resulted comparable, while reference innovative hydrogen technologies evidenced a potentially higher safety performance. Thus, switching to the inherently safer technologies currently under development may play an important role in the safety enhancement of hydrogen vehicles, resulting in a relevant improvement of the overall safety performance of the entire hydrogen system. (author)

Controls in new construction reactors-factory testing of the non-safety portion of the Lungmen nuclear power plant distributed control system

International Nuclear Information System (INIS)

Wu, Y. S.; Dick, J. W.; Tetirick, C. W.

2006-01-01

The construction permit for Taipower's Lungmen Nuclear Units 1 and 2, two ABWR plants, was issued on March 17, 1999[1], The construction of these units is progressing actively at site. The digital I and C system supplied by GE, which is designated as the Distributed Control and Information System (DCIS) in this project, is being implemented primarily at one vendor facility. In order to ensure the reliability, safety and availability of the DCIS, it is required to comprehensively test the whole DCIS in factory. This article describes the test requirements and acceptance criteria for functional testing of the Non-Safety Distributed Control and Information system (DCIS) for Taiwan Power's Lungmen Units 1 and 2 GE selected Invensys as the equipment supplier for this Non-Safety portion of DCIS. The DCIS system of the Lungmen Units is a physically distributed control system. Field transmitters are connected to hard I/O terminal inputs on the Invensys I/A system. Once the signal is digitized on FBMs (Field Bus Modules) in Remote Multiplexing Units (RMUs), the signal is passed into an integrated control software environment. Control is based on the concept of compounds and blocks where each compound is a logical collection of blocks that performs a control function. Each point identified by control compound and block can be individually used throughout the DCIS system by referencing its unique name. In the Lungmen Project control logic and HSI (Human System Interface) requirements are divided into individual process systems called MPLs (Master Parts List). Higher-level Plant Computer System (PCS) algorithms access control compounds and blocks in these MPLs to develop functions. The test requirements and acceptance criteria for the DCIS system of the Lungmen Project are divided into three general categories (see 1,2,3 below) of verification, which in turn are divided into several specific tests: 1. DCIS System Physical Checks a) RMU Test - To confirm that the hard I

Controls in new construction reactors-factory testing of the non-safety portion of the Lungmen nuclear power plant distributed control system

Energy Technology Data Exchange (ETDEWEB)

Wu, Y. S. [Taiwan Power Company, 242, Roosevelt Road, Sec. 3, Taipei 100, Taiwan (China); Dick, J. W. [Invensys System Inc., 33 Commercial St., Foxboro, MA 02035 (United States); Tetirick, C. W. [GE Energy, 1989 Little Orchard Street, San Jose, CA 95125-1030 (United States)

2006-07-01

The construction permit for Taipower's Lungmen Nuclear Units 1 and 2, two ABWR plants, was issued on March 17, 1999[1], The construction of these units is progressing actively at site. The digital I and C system supplied by GE, which is designated as the Distributed Control and Information System (DCIS) in this project, is being implemented primarily at one vendor facility. In order to ensure the reliability, safety and availability of the DCIS, it is required to comprehensively test the whole DCIS in factory. This article describes the test requirements and acceptance criteria for functional testing of the Non-Safety Distributed Control and Information system (DCIS) for Taiwan Power's Lungmen Units 1 and 2 GE selected Invensys as the equipment supplier for this Non-Safety portion of DCIS. The DCIS system of the Lungmen Units is a physically distributed control system. Field transmitters are connected to hard I/O terminal inputs on the Invensys I/A system. Once the signal is digitized on FBMs (Field Bus Modules) in Remote Multiplexing Units (RMUs), the signal is passed into an integrated control software environment. Control is based on the concept of compounds and blocks where each compound is a logical collection of blocks that performs a control function. Each point identified by control compound and block can be individually used throughout the DCIS system by referencing its unique name. In the Lungmen Project control logic and HSI (Human System Interface) requirements are divided into individual process systems called MPLs (Master Parts List). Higher-level Plant Computer System (PCS) algorithms access control compounds and blocks in these MPLs to develop functions. The test requirements and acceptance criteria for the DCIS system of the Lungmen Project are divided into three general categories (see 1,2,3 below) of verification, which in turn are divided into several specific tests: 1. DCIS System Physical Checks a) RMU Test - To confirm that the hard

Traceability of Software Safety Requirements in Legacy Safety Critical Systems

Science.gov (United States)

Hill, Janice L.

2007-01-01

How can traceability of software safety requirements be created for legacy safety critical systems? Requirements in safety standards are imposed most times during contract negotiations. On the other hand, there are instances where safety standards are levied on legacy safety critical systems, some of which may be considered for reuse for new applications. Safety standards often specify that software development documentation include process-oriented and technical safety requirements, and also require that system and software safety analyses are performed supporting technical safety requirements implementation. So what can be done if the requisite documents for establishing and maintaining safety requirements traceability are not available?

Measurement of fuel importance distribution in non-uniformly distributed fuel systems

International Nuclear Information System (INIS)

Yamane, Yoshihiro; Hirano, Yasushi; Yasui, Hazime; Izima, Kazunori; Shiroya, Seiji; Kobayashi, Keiji.

1995-01-01

A reactivity effect due to a spatial variation of nuclear fuel concentration is an important problem for nuclear criticality safety in a reprocessing plant. As a theory estimating this reactivity effect, the Goertzel and fuel importance theories are well known. It has been shown that the Goertzel's theory is valid in the range of our experiments based on measurements of reactivity effect and thermal neutron flux in non-uniformly distributed fuel systems. On the other hand, there have been no reports concerning systematic experimental studies on the flatness of fuel importance which is a more general index than the Goertzel's theory. It is derived from the perturbation theory that the fuel importance is proportional to the reactivity change resulting from a change of small amount of fuel mass. Using a uniform and three kinds of nonuniform fuel systems consisting of 93.2% enriched uranium plates and polyethylene plates, the fuel importance distributions were measured. As a result, it was found experimentally that the fuel importance distribution became flat, as its reactivity effect became large. Therefore it was concluded that the flatness of fuel importance distribution is the useful index for estimating reactivity effect of non-uniformly distributed fuel system. (author)

Real-Time Safety Monitoring and Prediction for the National Airspace System

Science.gov (United States)

Roychoudhury, Indranil

2016-01-01

As new operational paradigms and additional aircraft are being introduced into the National Airspace System (NAS), maintaining safety in such a rapidly growing environment becomes more challenging. It is therefore desirable to have both an overview of the current safety of the airspace at different levels of granularity, as well an understanding of how the state of the safety will evolve into the future given the anticipated flight plans, weather forecasts, predicted health of assets in the airspace, and so on. To this end, we have developed a Real-Time Safety Monitoring (RTSM) that first, estimates the state of the NAS using the dynamic models. Then, given the state estimate and a probability distribution of future inputs to the NAS, the framework predicts the evolution of the NAS, i.e., the future state, and analyzes these future states to predict the occurrence of unsafe events. The entire probability distribution of airspace safety metrics is computed, not just point estimates, without significant assumptions regarding the distribution type and or parameters. We demonstrate our overall approach by predicting the occurrence of some unsafe events and show how these predictions evolve in time as flight operations progress.

Safety design guide for safety related systems for CANDU 9

International Nuclear Information System (INIS)

Lee, Duk Su; Chang, Woo Hyun; Lee, Nam Young; A. C. D. Wright

1996-03-01

In general, two types of safety related systems and structures exist in the nuclear plant; The one is a systems and structures which perform safety functions during the normal operation of the plant, and the other is a systems and structures which perform safety functions to mitigate events caused by failure of the normally operating systems or by naturally occurring phenomena. In this safety design guide, these systems are identified in detail, and the major events for which the safety functions are required and the major safety requirements are identified in the list. As the probabilistic safety assessments are completed during the course of the project, additions or deletions to the list may be justified. 3 tabs. (Author) .new

Safety design guide for safety related systems for CANDU 9

Energy Technology Data Exchange (ETDEWEB)

Lee, Duk Su; Chang, Woo Hyun; Lee, Nam Young [Korea Atomic Energy Research Institute, Daeduk (Korea, Republic of); Wright, A.C.D. [Atomic Energy of Canada Ltd., Toronto (Canada)

1996-03-01

In general, two types of safety related systems and structures exist in the nuclear plant; The one is a systems and structures which perform safety functions during the normal operation of the plant, and the other is a systems and structures which perform safety functions to mitigate events caused by failure of the normally operating systems or by naturally occurring phenomena. In this safety design guide, these systems are identified in detail, and the major events for which the safety functions are required and the major safety requirements are identified in the list. As the probabilistic safety assessments are completed during the course of the project, additions or deletions to the list may be justified. 3 tabs. (Author) .new.

Safety system function trends

International Nuclear Information System (INIS)

Johnson, C.

1989-01-01

This paper describes research to develop risk-based indicators of plant safety performance. One measure of the safety-performance of operating nuclear power plants is the unavailability of important safety systems. Brookhaven National Laboratory and Science Applications International Corporation are evaluating ways to aggregate train-level or component-level data to provide such an indicator. This type of indicator would respond to changes in plant safety margins faster than the currently used indicator of safety system unavailability (i.e., safety system failures reported in licensee event reports). Trends in the proposed indicator would be one indication of trends in plant safety performance and maintenance effectiveness. This paper summarizes the basis for such an indicator, identifies technical issues to be resolved, and illustrates the potential usefullness of such indicators by means of computer simulations and case studies

Island Partition of Distribution System with Distributed Generators Considering Protection of Vulnerable Nodes

Directory of Open Access Journals (Sweden)

Gang Xu

2017-10-01

Full Text Available To improve the reliability of power supply in the case of the fault of distribution system with multiple distributed generators (DGs and reduce the influence of node voltage fluctuation on the stability of distribution system operation in power restoration, this paper proposes an island partition strategy of the distribution system considering the protection of vulnerable nodes. First of all, the electrical coupling coefficient of neighboring nodes is put forward according to distribution system topology and equivalent electrical impedance, and the power-dependence relationship between neighboring nodes is calculated based on the direction and level of the power flow between nodes. Then, the bidirectional transmission of the coupling features of neighboring nodes is realized through the modified PageRank algorithm, thus identifying the vulnerable nodes that have a large influence on the stability of distribution system operation. Next, combining the index of node vulnerability, an island partition model is constructed with the restoration of important loads as the primary goal. In addition, the mutually exclusive firefly algorithm (MEFA is also proposed to realize the interaction of learning and competition among fireflies, thus enhancing the globally optimal solution search ability of the algorithm proposed. The proposed island partition method is verified with a Pacific Gas and Electric Company (PG and E 60-node test system. Comparison with other methods demonstrates that the new method is feasible for the distribution system with multiple types of distributed generations and valid to enhance the stability and safety of the grid with a relatively power restoration ratio.

Monitoring Distributed Real-Time Systems: A Survey and Future Directions

Science.gov (United States)

Goodloe, Alwyn E.; Pike, Lee

2010-01-01

Runtime monitors have been proposed as a means to increase the reliability of safety-critical systems. In particular, this report addresses runtime monitors for distributed hard real-time systems. This class of systems has had little attention from the monitoring community. The need for monitors is shown by discussing examples of avionic systems failure. We survey related work in the field of runtime monitoring. Several potential monitoring architectures for distributed real-time systems are presented along with a discussion of how they might be used to monitor properties of interest.

IAEA Safety Standards on Management Systems and Safety Culture

International Nuclear Information System (INIS)

Persson, Kerstin Dahlgren

2007-01-01

The IAEA has developed a new set of Safety Standard for applying an integrated Management System for facilities and activities. The objective of the new Safety Standards is to define requirements and provide guidance for establishing, implementing, assessing and continually improving a Management System that integrates safety, health, environmental, security, quality and economic related elements to ensure that safety is properly taken into account in all the activities of an organization. With an integrated approach to management system it is also necessary to include the aspect of culture, where the organizational culture and safety culture is seen as crucial elements of the successful implementation of this management system and the attainment of all the goals and particularly the safety goals of the organization. The IAEA has developed a set of service aimed at assisting it's Member States in establishing. Implementing, assessing and continually improving an integrated management system. (author)

75 FR 5244 - Pipeline Safety: Integrity Management Program for Gas Distribution Pipelines; Correction

Science.gov (United States)

2010-02-02

... Management Program for Gas Distribution Pipelines; Correction AGENCY: Pipeline and Hazardous Materials Safety... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration 49 CFR Part... Regulations to require operators of gas distribution pipelines to develop and implement integrity management...

Safety logic systems of PFBR

International Nuclear Information System (INIS)

Sambasivan, S. Ilango

2004-01-01

Full text : PFBR is provided with two independent, fast acting and diverse shutdown systems to detect any abnormalities and to initiate safety action. Each system consists of sensors, signal processing systems, logics, drive mechanisms and absorber rods. The absorber rods of the first system are Control and Safety Rods (CSR) and that of the second are called as Diverse Safety Rods (DSR). There are nine CSR and three DSR. While CSR are used for startup, control of reactor power, controlled shutdown and SCRAM, the DSR are used only for SCRAM. The respective drive mechanisms are called as CSRDM and DSRDM. Each of these two systems is capable of executing the shutdown satisfactorily with single failure criteria. Two independent safety logic systems based on diverse principles have been designed for the two shut down systems. The analog outputs of the sensors of Core Monitoring Systems comprising of reactor flux monitoring, core temperature monitoring, failed fuel detection and core flow monitoring systems are processed and converted into binary signals depending on their instantaneous values. Safety logic systems receive the binary signals from these core-monitoring systems and process them logically to protect the reactor against postulated initiating events. Neutronic and power to flow (P/Q) signals form the inputs to safety logic system-I and temperature signals are inputs to the safety logic system II. Failed fuel detection signals are processed by both the shut down systems. The two logic systems to actuate the safety rods are also based on two diverse designs and implemented with solid-state devices to meet all the requirements of safety systems. Safety logic system I that caters to neutronic and P/Q signals is designed around combinational logic and has an on-line test facility to detect struck at faults. The second logic system is based on dynamic logic and hence is inherently safe. This paper gives an overview of the two logic systems that have been

Control Method of Single-phase Inverter Based Grounding System in Distribution Networks

DEFF Research Database (Denmark)

Wang, Wen; Yan, L.; Zeng, X.

2016-01-01

of neutral-to-ground voltage is critical for the safety of distribution networks. An active grounding system based on single-phase inverter is proposed to achieve this objective. Relationship between output current of the system and neutral-to-ground voltage is derived to explain the principle of neutral......The asymmetry of the inherent distributed capacitances causes the rise of neutral-to-ground voltage in ungrounded system or high resistance grounded system. Overvoltage may occur in resonant grounded system if Petersen coil is resonant with the distributed capacitances. Thus, the restraint...

General distributed control system for fusion experiments

International Nuclear Information System (INIS)

Klingner, P.L.; Levings, S.J.; Wilkins, R.W.

1986-01-01

A general control system using distributed LSI-11 microprocessors is being developed. Common software residues in each LSI-11 and is tailored to an application by control specifications downloaded from a host computer. The microprocessors, their control interfaces, and the micro-to-host communications are CAMAC based. The host computer also supports an operator interface, coordination of multiple microprocessors, and utilities to create and maintain the control specifications. Typical applications include monitoring safety interlocks as well as controlling vacuum systems, high voltage charging systems, and diagnostics

Safety of mechanical devices. Safety of automation systems

International Nuclear Information System (INIS)

Pahl, G.; Schweizer, G.; Kapp, K.

1985-01-01

The paper deals with the classic procedures of safety engineering in the sectors mechanical engineering, electrical and energy engineering, construction and transport, medicine technology and process technology. Particular stress is laid on the safety of automation systems, control technology, protection of mechanical devices, reactor safety, mechanical constructions, transport systems, railway signalling devices, road traffic and protection at work in chemical plans. (DG) [de

75 FR 36615 - Pipeline Safety: Information Collection Gas Distribution Annual Report Form

Science.gov (United States)

2010-06-28

... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration 49 CFR Part 192 [Docket No. PHMSA-RSPA-2004-19854] Pipeline Safety: Information Collection Gas Distribution Annual Report Form AGENCY: Pipeline and Hazardous Materials Safety Administration (PHMSA), DOT. ACTION: Request...

Performance Test Results of Safety I and C Systems of SMART MMIS

International Nuclear Information System (INIS)

Suh, Yong Suk; Keum, Jong Yong; Jeong, Kwang Il; Lee, Joon Ku; Lee, Sang Seok; Kim, Kwan Woong

2011-01-01

KAERI has developed SMART (System-integrated Modular Advanced ReacTor), a 330MWt integral pressurized light water reactor that integrates four reactor coolant pumps, one pressurizer, eight steam generators, and one reactor core into a reactor vessel, since 1997 and submitted a SSAR (Standard design Safety Analysis Report) to Korea institute of nuclear safety (KINS) at the end of 2010 for the purpose of achieving the standard design approval (SDA) by the end of 2011. SMART MMIS has been designed with fully digitalized systems. Non-safety instrumentation and control (I and C) systems are designed based on the commercial distributed control systems. The safety I and C systems are designed using a new platform that was developed and validated by KAERI. Safety I and C systems are modularized using the platform. In the protection systems (PSs), datalinks are used to transmit data in a one-way direction in order to meet the independency requirement. In the engineered safety features-component control system (ESF-CCS), network switch devices (NSDs) are used to connect the group and loop controllers. The NSD was also newly developed and validated by KAERI. After validating the platform and NSD, a test facility was developed using the platform and NSDs to validate the performance of safety I and C systems. This paper presents the development and test results from the test facility

Evaluating safety management system implementation

International Nuclear Information System (INIS)

Preuss, M.

2009-01-01

Canada is committed to not only maintaining, but also improving upon our record of having one of the safest aviation systems in the world. The development, implementation and maintenance of safety management systems is a significant step towards improving safety performance. Canada is considered a world leader in this area and we are fully engaged in implementation. By integrating risk management systems and business practices, the aviation industry stands to gain better safety performance with less regulatory intervention. These are important steps towards improving safety and enhancing the public's confidence in the safety of Canada's aviation system. (author)

System Design and the Safety Basis

International Nuclear Information System (INIS)

Ellingson, Darrel

2008-01-01

The objective of this paper is to present the Bechtel Jacobs Company, LLC (BJC) Lessons Learned for system design as it relates to safety basis documentation. BJC has had to reconcile incomplete or outdated system description information with current facility safety basis for a number of situations in recent months. This paper has relevance in multiple topical areas including documented safety analysis, decontamination and decommissioning (D and D), safety basis (SB) implementation, safety and design integration, potential inadequacy of the safety analysis (PISA), technical safety requirements (TSR), and unreviewed safety questions. BJC learned that nuclear safety compliance relies on adequate and well documented system design information. A number of PIS As and TSR violations occurred due to inadequate or erroneous system design information. As a corrective action, BJC assessed the occurrences caused by systems design-safety basis interface problems. Safety systems reviewed included the Molten Salt Reactor Experiment (MSRE) Fluorination System, K-1065 fire alarm system, and the K-25 Radiation Criticality Accident Alarm System. The conclusion was that an inadequate knowledge of system design could result in continuous non-compliance issues relating to nuclear safety. This was especially true with older facilities that lacked current as-built drawings coupled with the loss of 'historical knowledge' as personnel retired or moved on in their careers. Walkdown of systems and the updating of drawings are imperative for nuclear safety compliance. System design integration with safety basis has relevance in the Department of Energy (DOE) complex. This paper presents the BJC Lessons Learned in this area. It will be of benefit to DOE contractors that manage and operate an aging population of nuclear facilities

Optimal replacement policy for safety-related multi-component multi-state systems

International Nuclear Information System (INIS)

Xu Ming; Chen Tao; Yang Xianhui

2012-01-01

This paper investigates replacement scheduling for non-repairable safety-related systems (SRS) with multiple components and states. The aim is to determine the cost-minimizing time for replacing SRS while meeting the required safety. Traditionally, such scheduling decisions are made without considering the interaction between the SRS and the production system under protection, the interaction being essential to formulate the expected cost to be minimized. In this paper, the SRS is represented by a non-homogeneous continuous time Markov model, and its state distribution is evaluated with the aid of the universal generating function. Moreover, a structure function of SRS with recursive property is developed to evaluate the state distribution efficiently. These methods form the basis to derive an explicit expression of the expected system cost per unit time, and to determine the optimal time to replace the SRS. The proposed methodology is demonstrated through an illustrative example.

Analysis of fault tolerance and reliability in distributed real-time system architectures

International Nuclear Information System (INIS)

Philippi, Stephan

2003-01-01

Safety critical real-time systems are becoming ubiquitous in many areas of our everyday life. Failures of such systems potentially have catastrophic consequences on different scales, in the worst case even the loss of human life. Therefore, safety critical systems have to meet maximum fault tolerance and reliability requirements. As the design of such systems is far from being trivial, this article focuses on concepts to specifically support the early architectural design. In detail, a simulation based approach for the analysis of fault tolerance and reliability in distributed real-time system architectures is presented. With this approach, safety related features can be evaluated in the early development stages and thus prevent costly redesigns in later ones

Safety Information System Guide

International Nuclear Information System (INIS)

Bullock, M.G.

1977-03-01

This Guide provides guidelines for the design and evaluation of a working safety information system. For the relatively few safety professionals who have already adopted computer-based programs, this Guide may aid them in the evaluation of their present system. To those who intend to develop an information system, it will, hopefully, inspire new thinking and encourage steps towards systems safety management. For the line manager who is working where the action is, this Guide may provide insight on the importance of accident facts as a tool for moving ideas up the communication ladder where they will be heard and acted upon; where what he has to say will influence beneficial changes among those who plan and control his operations. In the design of a safety information system, it is suggested that the safety manager make friends with a computer expert or someone on the management team who has some feeling for, and understanding of, the art of information storage and retrieval as a new and better means for communication

Architecture Level Safety Analyses for Safety-Critical Systems

Directory of Open Access Journals (Sweden)

K. S. Kushal

2017-01-01

Full Text Available The dependency of complex embedded Safety-Critical Systems across Avionics and Aerospace domains on their underlying software and hardware components has gradually increased with progression in time. Such application domain systems are developed based on a complex integrated architecture, which is modular in nature. Engineering practices assured with system safety standards to manage the failure, faulty, and unsafe operational conditions are very much necessary. System safety analyses involve the analysis of complex software architecture of the system, a major aspect in leading to fatal consequences in the behaviour of Safety-Critical Systems, and provide high reliability and dependability factors during their development. In this paper, we propose an architecture fault modeling and the safety analyses approach that will aid in identifying and eliminating the design flaws. The formal foundations of SAE Architecture Analysis & Design Language (AADL augmented with the Error Model Annex (EMV are discussed. The fault propagation, failure behaviour, and the composite behaviour of the design flaws/failures are considered for architecture safety analysis. The illustration of the proposed approach is validated by implementing the Speed Control Unit of Power-Boat Autopilot (PBA system. The Error Model Annex (EMV is guided with the pattern of consideration and inclusion of probable failure scenarios and propagation of fault conditions in the Speed Control Unit of Power-Boat Autopilot (PBA. This helps in validating the system architecture with the detection of the error event in the model and its impact in the operational environment. This also provides an insight of the certification impact that these exceptional conditions pose at various criticality levels and design assurance levels and its implications in verifying and validating the designs.

Assessing nuclear power plant safety and recovery from earthquakes using a system-of-systems approach

International Nuclear Information System (INIS)

Ferrario, E.; Zio, E.

2014-01-01

We adopt a ‘system-of-systems’ framework of analysis, previously presented by the authors, to include the interdependent infrastructures which support a critical plant in the study of its safety with respect to the occurrence of an earthquake. We extend the framework to consider the recovery of the system of systems in which the plant is embedded. As a test system, we consider the impacts produced on a nuclear power plant (the critical plant) embedded in the connected power and water distribution, and transportation networks which support its operation. The Seismic Probabilistic Risk Assessment of such system of systems is carried out by Hierarchical modeling and Monte Carlo simulation. First, we perform a top-down analysis through a hierarchical model to identify the elements that at each level have most influence in restoring safety, adopting the criticality importance measure as a quantitative indicator. Then, we evaluate by Monte Carlo simulation the probability that the nuclear power plant enters in an unsafe state and the time needed to recover its safety. The results obtained allow the identification of those elements most critical for the safety and recovery of the nuclear power plant; this is relevant for determining improvements of their structural/functional responses and supporting the decision-making process on safety critical-issues. On the test system considered, under the given assumptions, the components of the external and internal water systems (i.e., pumps and pool) turn out to be the most critical for the safety and recovery of the plant. - Highlights: • We adopt a system-of-system framework to analyze the safety of a critical plant exposed to risk from external events, considering also the interdependent infrastructures that support the plant. • We develop a hierarchical modeling framework to represent the system of systems, accounting also for its recovery. • Monte Carlo simulation is used for the quantitative evaluation of the

A Distributed Approach to System-Level Prognostics

Science.gov (United States)

Daigle, Matthew J.; Bregon, Anibal; Roychoudhury, Indranil

2012-01-01

Prognostics, which deals with predicting remaining useful life of components, subsystems, and systems, is a key technology for systems health management that leads to improved safety and reliability with reduced costs. The prognostics problem is often approached from a component-centric view. However, in most cases, it is not specifically component lifetimes that are important, but, rather, the lifetimes of the systems in which these components reside. The system-level prognostics problem can be quite difficult due to the increased scale and scope of the prognostics problem and the relative Jack of scalability and efficiency of typical prognostics approaches. In order to address these is ues, we develop a distributed solution to the system-level prognostics problem, based on the concept of structural model decomposition. The system model is decomposed into independent submodels. Independent local prognostics subproblems are then formed based on these local submodels, resul ting in a scalable, efficient, and flexible distributed approach to the system-level prognostics problem. We provide a formulation of the system-level prognostics problem and demonstrate the approach on a four-wheeled rover simulation testbed. The results show that the system-level prognostics problem can be accurately and efficiently solved in a distributed fashion.

Considering inventory distributions in a stochastic periodic inventory routing system

Science.gov (United States)

Yadollahi, Ehsan; Aghezzaf, El-Houssaine

2017-07-01

Dealing with the stochasticity of parameters is one of the critical issues in business and industry nowadays. Supply chain planners have difficulties in forecasting stochastic parameters of a distribution system. Demand rates of customers during their lead time are one of these parameters. In addition, holding a huge level of inventory at the retailers is costly and inefficient. To cover the uncertainty of forecasting demand rates, researchers have proposed the usage of safety stock to avoid stock-out. However, finding the precise level of safety stock depends on forecasting the statistical distribution of demand rates and their variations in different settings among the planning horizon. In this paper the demand rate distributions and its parameters are taken into account for each time period in a stochastic periodic IRP. An analysis of the achieved statistical distribution of the inventory and safety stock level is provided to measure the effects of input parameters on the output indicators. Different values for coefficient of variation are applied to the customers' demand rate in the optimization model. The outcome of the deterministic equivalent model of SPIRP is simulated in form of an illustrative case.

FOOD SAFETY CONTROL SYSTEM IN CHINA

Institute of Scientific and Technical Information of China (English)

Liu Wei-jun; Wei Yi-min; Han Jun; Luo Dan; Pan Jia-rong

2007-01-01

Most countries have expended much effort to develop food safety control systems to ensure safe food supplies within their borders. China, as one of the world's largest food producers and consumers,pays a lot of attention to food safety issues. In recent years, China has taken actions and implemented a series of plans in respect to food safety. Food safety control systems including regulatory, supervisory,and science and technology systems, have begun to be established in China. Using, as a base, an analysis of the current Chinese food safety control system as measured against international standards, this paper discusses the need for China to standardize its food safety control system. We then suggest some policies and measures to improve the Chinese food safety control system.

Replacement of the complete control system of the NPP Oskarshamn 1 by digital distributed control system

International Nuclear Information System (INIS)

Berger, E.

1998-01-01

As part of an ongoing modernization program, the I and C system and the control room of Oskarshamn 1 will be upgraded by ABB using its 'Advant Power' range of digital, programmable process control system. Besides ensuring the higher level of safety that is demanded today, the new equipment provides the plant with an integrated system which will improve operator interaction with the plant and reduce the risk of human error. The newly installed DCS system will serve also as a platform for further improvements of the control room. This paper discusses Oskarshamn 1 exchange of the complete control system of a nuclear power plant, the technical solution and the time schedule. Oskarshamn 1 is the first nuclear power plant in Sweden. It is a boiling water reactor built between 1966 and 1971 by ABB ATOM in Sweden. According to the plant age the control system is relay-based, while instrumentation and analogue control is semiconductor-based. This makes maintenance expensive and even worse, makes extensions nearly impossible. According to the safety standards of the 1960s, there is no separation between safety and non safety control and no seismic qualification. To extend the life of this plant the owner has decided to improve the safety system as well as to replace the reactor protection system, the safety related control and the non safety related control by a state-of-the-art digital distributed control system from ABB. In March 1997, ABB got the order to replace the reactor protection system, the safety control system and to start the replacement of all control systems. The old control room has to be replaced by a new ergonomically design. Together with the exchange of the control system the safety features of the plant and the emergency power supply has to be extended. (author)

NASA System Safety Handbook. Volume 1; System Safety Framework and Concepts for Implementation

Science.gov (United States)

Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Smith, Curtis; Stamatelatos, Michael; Youngblood, Robert

2011-01-01

System safety assessment is defined in NPR 8715.3C, NASA General Safety Program Requirements as a disciplined, systematic approach to the analysis of risks resulting from hazards that can affect humans, the environment, and mission assets. Achievement of the highest practicable degree of system safety is one of NASA's highest priorities. Traditionally, system safety assessment at NASA and elsewhere has focused on the application of a set of safety analysis tools to identify safety risks and formulate effective controls.1 Familiar tools used for this purpose include various forms of hazard analyses, failure modes and effects analyses, and probabilistic safety assessment (commonly also referred to as probabilistic risk assessment (PRA)). In the past, it has been assumed that to show that a system is safe, it is sufficient to provide assurance that the process for identifying the hazards has been as comprehensive as possible and that each identified hazard has one or more associated controls. The NASA Aerospace Safety Advisory Panel (ASAP) has made several statements in its annual reports supporting a more holistic approach. In 2006, it recommended that "... a comprehensive risk assessment, communication and acceptance process be implemented to ensure that overall launch risk is considered in an integrated and consistent manner." In 2009, it advocated for "... a process for using a risk-informed design approach to produce a design that is optimally and sufficiently safe." As a rationale for the latter advocacy, it stated that "... the ASAP applauds switching to a performance-based approach because it emphasizes early risk identification to guide designs, thus enabling creative design approaches that might be more efficient, safer, or both." For purposes of this preface, it is worth mentioning three areas where the handbook emphasizes a more holistic type of thinking. First, the handbook takes the position that it is important to not just focus on risk on an individual

Modeling Multiple Human-Automation Distributed Systems using Network-form Games

Science.gov (United States)

Brat, Guillaume

2012-01-01

The paper describes at a high-level the network-form game framework (based on Bayes net and game theory), which can be used to model and analyze safety issues in large, distributed, mixed human-automation systems such as NextGen.

Instrumentation and control systems important to safety in nuclear power plants. Safety guide

International Nuclear Information System (INIS)

2005-01-01

This Safety Guide was prepared under the IAEA programme for establishing safety standards for nuclear power plants. It supplements Safety Standards Series No. NS-R-1: Safety of Nuclear Power Plants: Design (the Requirements for Design), which establishes the design requirements for ensuring the safety of nuclear power plants. This Safety Guide describes how the requirements should be met for instrumentation and control (I and C) systems important to safety. This publication is a revision and combination of two previous Safety Guides: Safety Series Nos 50-SG-D3 and 50-SG-D8, which are superseded by this new Safety Guide. The revision takes account of developments in I and C systems important to safety since the earlier Safety Guides were published in 1980 and 1984, respectively. The objective of this Safety Guide is to provide guidance on the design of I and C systems important to safety in nuclear power plants, including all I and C components, from the sensors allocated to the mechanical systems to the actuated equipment, operator interfaces and auxiliary equipment. This Safety Guide deals mainly with design requirements for those I and C systems that are important to safety. It expands on paragraphs of Ref in the area of I and C systems important to safety. This publication is intended for use primarily by designers of nuclear power plants and also by owners and/or operators and regulators of nuclear power plants. This Safety Guide provides general guidance on I and C systems important to safety which is broadly applicable to many nuclear power plants. More detailed requirements and limitations for safe operation specific to a particular plant type should be established as part of the design process. The present guidance is focused on the design principles for systems important to safety that warrant particular attention, and should be applied to both the design of new I and C systems and the modernization of existing systems. Guidance is provided on how design

77 FR 34123 - Pipeline Safety: Public Meeting on Integrity Management of Gas Distribution Pipelines

Science.gov (United States)

2012-06-08

... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration [Docket No. PHMSA-2012-0100] Pipeline Safety: Public Meeting on Integrity Management of Gas Distribution Pipelines AGENCY: Office of Pipeline Safety, Pipeline and Hazardous Materials Safety Administration, DOT. ACTION...

How could intelligent safety transport systems enhance safety ?

NARCIS (Netherlands)

Wiethoff, M. Heijer, T. & Bekiaris, E.

2017-01-01

In Europe, many deaths and injured each years are the cost of today's road traffic. Therefore, it is wise to look for possible solutions for enhancing traffic safety. Some Advanced Driver Assistance Systems (ADAS) are expected to increase safety, but they may also evoke new safety hazards. Only

Assessment of distributed solar power systems: Issues and impacts

Science.gov (United States)

Moyle, R. A.; Chernoff, H.; Schweizer, T. C.; Patton, J. B.

1982-11-01

The installation of distributed solar-power systems presents electric utilities with a host of questions. Some of the technical and economic impacts of these systems are discussed. Among the technical interconnect issues are isolated operation, power quality, line safety, and metering options. Economic issues include user purchase criteria, structures and installation costs, marketing and product distribution costs, and interconnect costs. An interactive computer program that allows easy calculation of allowable system prices and allowable generation-equipment prices was developed as part of this project. It is concluded that the technical problems raised by distributed solar systems are surmountable, but their resolution may be costly. The stringent purchase criteria likely to be imposed by many potential system users and the economies of large-scale systems make small systems (less than 10 to 20 kW) less attractive than larger systems. Utilities that consider life-cycle costs in making investment decisions and third-party investors who have tax and financial advantages are likely to place the highest value on solar-power systems.

Safety Review related to Commercial Grade Digital Equipment in Safety System

International Nuclear Information System (INIS)

Yu, Yeongjin; Park, Hyunshin; Yu, Yeongjin; Lee, Jaeheung

2013-01-01

The upgrades or replacement of I and C systems on safety system typically involve digital equipment developed in accordance with non-nuclear standards. However, the use of commercial grade digital equipment could include the vulnerability for software common-mode failure, electromagnetic interference and unanticipated problems. Although guidelines and standards for dedication methods of commercial grade digital equipment are provided, there are some difficulties to apply the methods to commercial grade digital equipment for safety system. This paper focuses on regulatory guidelines and relevant documents for commercial grade digital equipment and presents safety review experiences related to commercial grade digital equipment in safety system. This paper focuses on KINS regulatory guides and relevant documents for dedication of commercial grade digital equipment and presents safety review experiences related to commercial grade digital equipment in safety system. Dedication including critical characteristics is required to use the commercial grade digital equipment on safety system in accordance with KEPIC ENB 6370 and EPRI TR-106439. The dedication process should be controlled in a configuration management process. Appropriate methods, criteria and evaluation result should be provided to verify acceptability of the commercial digital equipment used for safety function

Safety parameter display system: an operator support system for enhancement of safety in Indian PHWRs

International Nuclear Information System (INIS)

Subramaniam, K.; Biswas, T.

1994-01-01

Ensuring operational safety in nuclear power plants is important as operator errors are observed to contribute significantly to the occurrence of accidents. Computerized operator support systems, which process and structure information, can help operators during both normal and transient conditions, and thereby enhance safety and aid effective response to emergency conditions. An important operator aid being developed and described in this paper, is the safety parameter display system (SPDS). The SPDS is an event-independent, symptom-based operator aid for safety monitoring. Knowledge-based systems can provide operators with an improved quality of information. An information processing model of a knowledge based operator support system (KBOSS) developed for emergency conditions using an expert system shell is also presented. The paper concludes with a discussion of the design issues involved in the use of a knowledge based systems for real time safety monitoring and fault diagnosis. (author). 8 refs., 4 figs., 1 tab

Penerapan Safety Management System (SMS) Dan Kompetensi Pemandu Lalu Lintas Penerbangan

OpenAIRE

Melissa, Anaria Carini; Subagyo, Toto Hardiyanto; Suharno, Hadi; Majid, Suharto Abdul

2017-01-01

The objective of the research is to analyze the influence between Implementation of Safety Management System (SMS) and Competency of Air Traffic Controller towards Aviation Safety at Perum LPPNPI Main Branch JATSC. Type of research is quantitative research by means of surveys, where data obtained through a questionnaire that will be distributed On Air Traffic Controller Perum LPPNPI Main Branch JATSC. The population in this research is an Air Traffic Controller Perum LPPNPI Main Branch JAT...

Comprehensive Lifecycle for Assuring System Safety

Science.gov (United States)

Knight, John C.; Rowanhill, Jonathan C.

2017-01-01

CLASS is a novel approach to the enhancement of system safety in which the system safety case becomes the focus of safety engineering throughout the system lifecycle. CLASS also expands the role of the safety case across all phases of the system's lifetime, from concept formation to decommissioning. As CLASS has been developed, the concept has been generalized to a more comprehensive notion of assurance becoming the driving goal, where safety is an important special case. This report summarizes major aspects of CLASS and contains a bibliography of papers that provide additional details.

Nitric Acid Revamp and Upgrading of the Alarm & Protection Safety System at Petrokemija, Croatia

Directory of Open Access Journals (Sweden)

Hoško, I.

2012-04-01

Full Text Available Every industrial production, particularly chemical processing, demands special attention in conducting the technological process with regard to the security requirements. For this reason, production processes should be continuously monitored by means of control and alarm safety instrumented systems. In the production of nitric acid at Petrokemija d. d., the original alarm safety system was designed as a combination of an electrical relay safety system and transistorized alarm module system. In order to increase safety requirements and modernize the technological process of nitric acid production, revamping and upgrading of the existing alarm safety system was initiated with a new microprocessor system. The newly derived alarm safety system, Simatic PCS 7, links the function of "classically" distributed control (DCS and logical systems in a common hardware and software platform with integrated engineering tools and operator interface to meet the minimum safety standards with safety integrity level 2 (SIL2 up to level 3 (SIL3, according to IEC 61508 and IEC 61511. This professional paper demonstrates the methodology of upgrading the logic of the alarm safety system in the production of nitric acid in the form of a logical diagram, which was the basis for a further step in its design and construction. Based on the mentioned logical diagram and defined security requirements, the project was implemented in three phases: analysis and testing, installation of the safety equipment and system, and commissioning. Developed also was a verification system of all safety conditions, which could be applied to other facilities for production of nitric acid. With the revamped and upgraded interlock alarm safety system, a new and improved safety boundary in the production of nitric acid was set, which created the foundation for further improvement of the production process in terms of improved analysis.

Safety-related control air systems

International Nuclear Information System (INIS)

Anon.

1977-01-01

This Standard applies to those portions of the control air system that furnish air required to support, control, or operate systems or portions of systems that are safety related in nuclear power plants. This Standard relates only to the air supply system(s) for safety-related air operated devices and does not apply to the safety-related air operated device or to air operated actuators for such devices. The objectives of this Standard are to provide (1) minimum system design requirements for equipment, piping, instruments, controls, and wiring that constitute the air supply system; and (2) the system and component testing and maintenance requirements

Technical considerations for the development of an engineering safety features control system with PLC

International Nuclear Information System (INIS)

Lee, C. K.; Kim, C. H.; Han, J. B.; Kim, H.; Lee, S. S.

2002-01-01

Technical considerations are summarized for the development of an ESFCS(Engineered Safety Features Control System) with PLC (Programmable Logic Controller). The ESFCS is required for the mitigation of plant accident conditions and therefore developed in conformance with the design requirements applied to the safety critical system. The design of ESFCS primarily considered its safety, and the system has an architecture that will be able to minimize spurious actuation. The PLC based functional distribution and redundant design features are adopted, and the fieldbus is applied in the communication of information and control signals between PLC processors. It is expected that the ESFCS will have several advanced design features compared with the conventional systems supplied by foreign vendors

Evaluation of the League General Insurance Company child safety seat distribution program

Science.gov (United States)

1982-05-01

This report presents an evaluation of the child safety seat distribution initiated by the League General Insurance Company in June 1979. The program provides child safety seats as a benefit under the company's auto insurance policies to policy-holder...

A distributed research network model for post-marketing safety studies: the Meningococcal Vaccine Study.

Science.gov (United States)

Velentgas, Priscilla; Bohn, Rhonda L; Brown, Jeffrey S; Chan, K Arnold; Gladowski, Patricia; Holick, Crystal N; Kramer, Judith M; Nakasato, Cynthia; Spettell, Claire M; Walker, Alexander M; Zhang, Fang; Platt, Richard

2008-12-01

We describe a multi-center post-marketing safety study that uses distributed data methods to minimize the need for covered entities to share protected health information (PHI). Implementation has addressed several issues relevant to creation of a large scale post-marketing drug safety surveillance system envisioned by the FDA's Sentinel Initiative. This retrospective cohort study of Guillain-Barré syndrome (GBS) following meningococcal conjugate vaccination incorporates the data and analytic expertise of five research organizations closely affiliated with US health insurers. The study uses administrative claims data, plus review of full text medical records to adjudicate the status of individuals with a diagnosis code for GBS (ICD9 357.0). A distributed network approach is used to create the analysis files and to perform most aspects of the analysis, allowing nearly all of the data to remain behind institutional firewalls. Pooled analysis files transferred to a central site will contain one record per person for approximately 0.2% of the study population, and contain PHI limited to the month and year of GBS onset for cases or the index date for matched controls. The first planned data extraction identified over 9 million eligible adolescents in the target age range of 11-21 years. They contributed an average of 14 months of eligible time on study over 27 months of calendar time. MCV4 vaccination coverage levels exceeded 20% among 17-18-year olds and 16% among 11-13 and 14-16-year-old age groups by the second quarter of 2007. This study demonstrates the feasibility of using a distributed data network approach to perform large scale post-marketing safety analyses and is scalable to include additional organizations and data sources. We believe these results can inform the development of a large national surveillance system. Copyright (c) 2008 John Wiley & Sons, Ltd.

A Methodological Framework for Software Safety in Safety Critical Computer Systems

OpenAIRE

P. V. Srinivas Acharyulu; P. Seetharamaiah

2012-01-01

Software safety must deal with the principles of safety management, safety engineering and software engineering for developing safety-critical computer systems, with the target of making the system safe, risk-free and fail-safe in addition to provide a clarified differentaition for assessing and evaluating the risk, with the principles of software risk management. Problem statement: Prevailing software quality models, standards were not subsisting in adequately addressing the software safety ...

Maximum Safety Regenerative Power Tracking for DC Traction Power Systems

Directory of Open Access Journals (Sweden)

Guifu Du

2017-02-01

Full Text Available Direct current (DC traction power systems are widely used in metro transport systems, with running rails usually being used as return conductors. When traction current flows through the running rails, a potential voltage known as “rail potential” is generated between the rails and ground. Currently, abnormal rises of rail potential exist in many railway lines during the operation of railway systems. Excessively high rail potentials pose a threat to human life and to devices connected to the rails. In this paper, the effect of regenerative power distribution on rail potential is analyzed. Maximum safety regenerative power tracking is proposed for the control of maximum absolute rail potential and energy consumption during the operation of DC traction power systems. The dwell time of multiple trains at each station and the trigger voltage of the regenerative energy absorbing device (READ are optimized based on an improved particle swarm optimization (PSO algorithm to manage the distribution of regenerative power. In this way, the maximum absolute rail potential and energy consumption of DC traction power systems can be reduced. The operation data of Guangzhou Metro Line 2 are used in the simulations, and the results show that the scheme can reduce the maximum absolute rail potential and energy consumption effectively and guarantee the safety in energy saving of DC traction power systems.

Replacement of the complete control system of the NPP Oskarshamn 1 by digital distributed control system

International Nuclear Information System (INIS)

Berger, E.

1998-01-01

As part of an ongoing modernization program, Oskarshamn 1's I and C system and control room will be upgraded by ABB using its Advant Power range of digital, programmable process control system. Besides ensuring the higher level of safety that is demanded today, the new equipment provides the plant with an integrated system which will improve operator overview of operation and reduce risk of human error and serve as a platform for further improvements of the control room. This paper discusses in the example of Oskarshamn 1 how the complete control system of a nuclear power plant may be exchanged, the technical solution and the time schedule. Oskarshamn 1 is the first nuclear power plant in Sweden. It is a boiling water reactor built by ABB ATOM in Sweden between 1966 and 1971. According to this age the control system is semiconductor based and the reactor protection system is relays based. This makes the maintenance expensive and extensions nearly impossible. To extend the life period of this plant the owner has decided to improve the safety system and to replace the reactor protection system and safety related control and the non safety related control by a state of the art digital distributed control system of ABB. In March 1997 ABB got the order to replace the reactor protection system, the safety control system, to start the replacement of all control systems and to replace the old control room by a new ergonomically designed control room. Together with the exchange of the control system an enhancement of the safety system and of the emergency power supply will be implemented

Study of system safety evaluation on LTO of national project. NISA safety research project on system safety of nuclear power plants

International Nuclear Information System (INIS)

Takizawa, Masayuki; Sekimura, Naoto; Miyano, Hiroshi; Aoyama, Katsunobu

2012-01-01

Japanese safety regulatory body, that is, Nuclear and Industrial Safety Agency (NISA) started a 5-year national safety research project as 'the first stage' from 2006 FY to 2010 FY whose objective is 'Improve the technical information basis in order to utilize knowledge as well as information related to ageing management and maintenance of NPPs. Fukushima disaster happened in March 2011, and the priority of research needs for ageing management dramatically changed in Japan. The second-stage national project started in October 2011 with the concept of 'system safety' of NNPs where not only ageing management on degradation phenomena of important components but also safety management on total plant systems are paid attention to. The second-stage project is so called 'Japanese Ageing Management Program for System Safety (JAMPSS)'. (author)

Safety testing for LHC access system

CERN Document Server

Valentini, F; Ninin, P; Scibile, S

2008-01-01

In the domain of Safety Real-Time Systems the problem of testing represents always a big effort in terms of time, costs and efficiency to guarantee an adequate coverage degree. Exhaustive tests may, in fact, not be practicable for large and distributed systems. This paper describes the testing process followed during the validation of the CERN's LHC Access System [1], responsible for monitoring and preventing physical risks for the personnel accessing the underground areas. In the paper we also present a novel strategy for the testing problem, intended to drastically reduce the time for the test patterns generation and execution. In particular, we propose a methodology for blackbox testing that relies on the application of Model Checking techniques. Model Checking is a formal method from computer science, commonly adopted to prove correctness of system’s models through an automatic system’s state space exploration against some property formulas.

78 FR 34703 - Pipeline Safety: Information Collection Activities, Revision to Gas Distribution Annual Report

Science.gov (United States)

2013-06-10

... DEPARTMENT OF TRANSPORTATION Pipeline and Hazardous Materials Safety Administration [Docket No. PHMSA-2013-0004] Pipeline Safety: Information Collection Activities, Revision to Gas Distribution Annual Report AGENCY: Pipeline and Hazardous Materials Safety Administration, DOT. ACTION: Notice and request...

Comparison of methods for uncertainty analysis of nuclear-power-plant safety-system fault-tree models

International Nuclear Information System (INIS)

Martz, H.F.; Beckman, R.J.; Campbell, K.; Whiteman, D.E.; Booker, J.M.

1983-04-01

A comparative evaluation is made of several methods for propagating uncertainties in actual coupled nuclear power plant safety system faults tree models. The methods considered are Monte Carlo simulation, the method of moments, a discrete distribution method, and a bootstrap method. The Monte Carlo method is found to be superior. The sensitivity of the system unavailability distribution to the choice of basic event unavailability distribution is also investigated. The system distribution is also investigated. The system distribution is especially sensitive to the choice of symmetric versus asymmetric basic event distributions. A quick-and dirty method for estimating percentiles of the system unavailability distribution is developed. The method identifies the appropriate basic event distribution percentiles that should be used in evaluating the Boolean system equivalent expression for a given fault tree model to arrive directly at the 5th, 10th, 50th, 90th, and 95th percentiles of the system unavailability distribution

Survey and evaluation of inherent safety characteristics and passive safety systems for use in probabilistic safety analyses

International Nuclear Information System (INIS)

Wetzel, N.; Scharfe, A.

1998-01-01

The present report examines the possibilities and limits of a probabilistic safety analysis to evaluate passive safety systems and inherent safety characteristics. The inherent safety characteristics are based on physical principles, that together with the safety system lead to no damage. A probabilistic evaluation of the inherent safety characteristic is not made. An inventory of passive safety systems of accomplished nuclear power plant types in the Federal Republic of Germany was drawn up. The evaluation of the passive safety system in the analysis of the accomplished nuclear power plant types was examined. The analysis showed that the passive manner of working was always assumed to be successful. A probabilistic evaluation was not performed. The unavailability of the passive safety system was determined by the failure of active components which are necessary in order to activate the passive safety system. To evaluate the passive safety features in new concepts of nuclear power plants the AP600 from Westinghouse, the SBWR from General Electric and the SWR 600 from Siemens, were selected. Under these three reactor concepts, the SWR 600 is specially attractive because the safety features need no energy sources and instrumentation in this concept. First approaches for the assessment of the reliability of passively operating systems are summarized. Generally it can be established that the core melt frequency for the passive concepts AP600 and SBWR is advantageous in comparison to the probabilistic objectives from the European Pressurized Water Reactor (EPR). Under the passive concepts is the SWR 600 particularly interesting. In this concept the passive systems need no energy sources and instrumentation, and has active operational systems and active safety equipment. Siemens argues that with this concept the frequency of a core melt will be two orders of magnitude lower than for the conventional reactors. (orig.) [de

Spatio-temporal assessment of food safety risks in Canadian food distribution systems using GIS.

Science.gov (United States)

Hashemi Beni, Leila; Villeneuve, Sébastien; LeBlanc, Denyse I; Côté, Kevin; Fazil, Aamir; Otten, Ainsley; McKellar, Robin; Delaquis, Pascal

2012-09-01

While the value of geographic information systems (GIS) is widely applied in public health there have been comparatively few examples of applications that extend to the assessment of risks in food distribution systems. GIS can provide decision makers with strong computing platforms for spatial data management, integration, analysis, querying and visualization. The present report addresses some spatio-analyses in a complex food distribution system and defines influence areas as travel time zones generated through road network analysis on a national scale rather than on a community scale. In addition, a dynamic risk index is defined to translate a contamination event into a public health risk as time progresses. More specifically, in this research, GIS is used to map the Canadian produce distribution system, analyze accessibility to contaminated product by consumers, and estimate the level of risk associated with a contamination event over time, as illustrated in a scenario. Crown Copyright © 2012. Published by Elsevier Ltd. All rights reserved.

Does the concept of safety culture help or hinder systems thinking in safety?

Science.gov (United States)

Reiman, Teemu; Rollenhagen, Carl

2014-07-01

The concept of safety culture has become established in safety management applications in all major safety-critical domains. The idea that safety culture somehow represents a "systemic view" on safety is seldom explicitly spoken out, but nevertheless seem to linger behind many safety culture discourses. However, in this paper we argue that the "new" contribution to safety management from safety culture never really became integrated with classical engineering principles and concepts. This integration would have been necessary for the development of a more genuine systems-oriented view on safety; e.g. a conception of safety in which human, technological, organisational and cultural factors are understood as mutually interacting elements. Without of this integration, researchers and the users of the various tools and methods associated with safety culture have sometimes fostered a belief that "safety culture" in fact represents such a systemic view about safety. This belief is, however, not backed up by theoretical or empirical evidence. It is true that safety culture, at least in some sense, represents a holistic term-a totality of factors that include human, organisational and technological aspects. However, the departure for such safety culture models is still human and organisational factors rather than technology (or safety) itself. The aim of this paper is to critically review the various uses of the concept of safety culture as representing a systemic view on safety. The article will take a look at the concepts of culture and safety culture based on previous studies, and outlines in more detail the theoretical challenges in safety culture as a systems concept. The paper also presents recommendations on how to make safety culture more systemic. Copyright © 2013 Elsevier Ltd. All rights reserved.

The aviation safety reporting system

Science.gov (United States)

Reynard, W. D.

1984-01-01

The aviation safety reporting system, an accident reporting system, is presented. The system identifies deficiencies and discrepancies and the data it provides are used for long term identification of problems. Data for planning and policy making are provided. The system offers training in safety education to pilots. Data and information are drawn from the available data bases.

Use of the t-distribution to construct seismic hazard curves for seismic probabilistic safety assessments

Energy Technology Data Exchange (ETDEWEB)

Yee, Eric [KEPCO International Nuclear Graduate School, Dept. of Nuclear Power Plant Engineering, Ulsan (Korea, Republic of)

2017-03-15

Seismic probabilistic safety assessments are used to help understand the impact potential seismic events can have on the operation of a nuclear power plant. An important component to seismic probabilistic safety assessment is the seismic hazard curve which shows the frequency of seismic events. However, these hazard curves are estimated assuming a normal distribution of the seismic events. This may not be a strong assumption given the number of recorded events at each source-to-site distance. The use of a normal distribution makes the calculations significantly easier but may underestimate or overestimate the more rare events, which is of concern to nuclear power plants. This paper shows a preliminary exploration into the effect of using a distribution that perhaps more represents the distribution of events, such as the t-distribution to describe data. The integration of a probability distribution with potentially larger tails basically pushes the hazard curves outward, suggesting a different range of frequencies for use in seismic probabilistic safety assessments. Therefore the use of a more realistic distribution results in an increase in the frequency calculations suggesting rare events are less rare than thought in terms of seismic probabilistic safety assessment. However, the opposite was observed with the ground motion prediction equation considered.

Use of the t-distribution to construct seismic hazard curves for seismic probabilistic safety assessments

International Nuclear Information System (INIS)

Yee, Eric

2017-01-01

Seismic probabilistic safety assessments are used to help understand the impact potential seismic events can have on the operation of a nuclear power plant. An important component to seismic probabilistic safety assessment is the seismic hazard curve which shows the frequency of seismic events. However, these hazard curves are estimated assuming a normal distribution of the seismic events. This may not be a strong assumption given the number of recorded events at each source-to-site distance. The use of a normal distribution makes the calculations significantly easier but may underestimate or overestimate the more rare events, which is of concern to nuclear power plants. This paper shows a preliminary exploration into the effect of using a distribution that perhaps more represents the distribution of events, such as the t-distribution to describe data. The integration of a probability distribution with potentially larger tails basically pushes the hazard curves outward, suggesting a different range of frequencies for use in seismic probabilistic safety assessments. Therefore the use of a more realistic distribution results in an increase in the frequency calculations suggesting rare events are less rare than thought in terms of seismic probabilistic safety assessment. However, the opposite was observed with the ground motion prediction equation considered

Data concentrator requirements for a safety parameter display system

International Nuclear Information System (INIS)

Brewer, C.R.

1983-01-01

To comply with NUREG 0696 several nuclear plants are being fitted with new facilities and data systems; specifically a Technical Support Center (TSC), Operational Support Center (OSC), Emergency Operational Facility (EOF), and Backup Safety Parameter Display System (SPDS), Emergency Response Computer System (ERCS) and Nuclear Data Link (NDL). The TSC, OSC, and EOF are physical locations while the SPDS, ERCS, and NDL are Systems. The SPDS and ERCS are usually separate and independent systems, however, they may share a common front end data acquisition system that acquires and sends SPDS related data to both the SPDS and to the ERCS. In the situation just described an SPDS system must depend upon input data from a source that is SPDS host computer independent. To achieve this independence the front end data acquisition system may employ a concept of intelligent distributed processing. This concept essentially takes functional capabilities that were once found only in realtime host computers and distributes it to front end data acquisition systems. Thus by expanding the functionality of the data acquisition system in a manner that provides more capability, independence from the computer vendor, links to multiple computer systems, processing power and redundancy, the concept of a data concentrator evolved. This paper will define this new distributed functionality, and its related requirements. It will also examine different system configuration approaches

Software for computer based systems important to safety in nuclear power plants. Safety guide

International Nuclear Information System (INIS)

2004-01-01

Computer based systems are of increasing importance to safety in nuclear power plants as their use in both new and older plants is rapidly increasing. They are used both in safety related applications, such as some functions of the process control and monitoring systems, as well as in safety critical applications, such as reactor protection or actuation of safety features. The dependability of computer based systems important to safety is therefore of prime interest and should be ensured. With current technology, it is possible in principle to develop computer based instrumentation and control systems for systems important to safety that have the potential for improving the level of safety and reliability with sufficient dependability. However, their dependability can be predicted and demonstrated only if a systematic, fully documented and reviewable engineering process is followed. Although a number of national and international standards dealing with quality assurance for computer based systems important to safety have been or are being prepared, internationally agreed criteria for demonstrating the safety of such systems are not generally available. It is recognized that there may be other ways of providing the necessary safety demonstration than those recommended here. The basic requirements for the design of safety systems for nuclear power plants are provided in the Requirements for Design issued in the IAEA Safety Standards Series.The IAEA has issued a Technical Report to assist Member States in ensuring that computer based systems important to safety in nuclear power plants are safe and properly licensed. The report provides information on current software engineering practices and, together with relevant standards, forms a technical basis for this Safety Guide. The objective of this Safety Guide is to provide guidance on the collection of evidence and preparation of documentation to be used in the safety demonstration for the software for computer based

Software for computer based systems important to safety in nuclear power plants. Safety guide

International Nuclear Information System (INIS)

2005-01-01

Computer based systems are of increasing importance to safety in nuclear power plants as their use in both new and older plants is rapidly increasing. They are used both in safety related applications, such as some functions of the process control and monitoring systems, as well as in safety critical applications, such as reactor protection or actuation of safety features. The dependability of computer based systems important to safety is therefore of prime interest and should be ensured. With current technology, it is possible in principle to develop computer based instrumentation and control systems for systems important to safety that have the potential for improving the level of safety and reliability with sufficient dependability. However, their dependability can be predicted and demonstrated only if a systematic, fully documented and reviewable engineering process is followed. Although a number of national and international standards dealing with quality assurance for computer based systems important to safety have been or are being prepared, internationally agreed criteria for demonstrating the safety of such systems are not generally available. It is recognized that there may be other ways of providing the necessary safety demonstration than those recommended here. The basic requirements for the design of safety systems for nuclear power plants are provided in the Requirements for Design issued in the IAEA Safety Standards Series.The IAEA has issued a Technical Report to assist Member States in ensuring that computer based systems important to safety in nuclear power plants are safe and properly licensed. The report provides information on current software engineering practices and, together with relevant standards, forms a technical basis for this Safety Guide. The objective of this Safety Guide is to provide guidance on the collection of evidence and preparation of documentation to be used in the safety demonstration for the software for computer based

Software for computer based systems important to safety in nuclear power plants. Safety guide

International Nuclear Information System (INIS)

2000-01-01

Computer based systems are of increasing importance to safety in nuclear power plants as their use in both new and older plants is rapidly increasing. They are used both in safety related applications, such as some functions of the process control and monitoring systems, as well as in safety critical applications, such as reactor protection or actuation of safety features. The dependability of computer based systems important to safety is therefore of prime interest and should be ensured. With current technology, it is possible in principle to develop computer based instrumentation and control systems for systems important to safety that have the potential for improving the level of safety and reliability with sufficient dependability. However, their dependability can be predicted and demonstrated only if a systematic, fully documented and reviewable engineering process is followed. Although a number of national and international standards dealing with quality assurance for computer based systems important to safety have been or are being prepared, internationally agreed criteria for demonstrating the safety of such systems are not generally available. It is recognized that there may be other ways of providing the necessary safety demonstration than those recommended here. The basic requirements for the design of safety systems for nuclear power plants are provided in the Requirements for Design issued in the IAEA Safety Standards Series.The IAEA has issued a Technical Report to assist Member States in ensuring that computer based systems important to safety in nuclear power plants are safe and properly licensed. The report provides information on current software engineering practices and, together with relevant standards, forms a technical basis for this Safety Guide. The objective of this Safety Guide is to provide guidance on the collection of evidence and preparation of documentation to be used in the safety demonstration for the software for computer based

Test Results of a Platform for Safety I and C Systems of SMART MMIS

International Nuclear Information System (INIS)

Suh, Yong Suk; Keum, Jong Yong; Jeong, Kwang Il; Lee, Joon Ku; Lee, Sang Seok; Kim, Kwan Woong

2011-01-01

SMART (System-integrated Modular Advanced ReacTor), a 330MWt integral pressurized light water reactor that integrates four reactor coolant pumps, one pressurizer, eight steam generators, and one reactor core into a reactor vessel, has been under development at KAERI since 1997. A standard design safety analysis report of the SMART prepared by KAERI was submitted to Korea institute of nuclear safety (KINS) at the end of 2010. KAERI aims to achieve standard design approval (SDA) from KINS by the end of 2011. SMART MMIS has been designed using digital systems. It has digital-based compact control rooms. Its instrumentation and control (I and C) systems are designed using modular equipment connected through datalinks. Non-safety I and C systems are designed based on the commercial distributed control systems. Safety I and C systems are based on a new platform developed by KAERI. The platform is a high-speed digital signal processor (DSP)-based control unit. It plays the role of a module that provides control functions of the safety I and C systems. The test facilities have been developed at KAERI since 2009. This paper presents the development and test results of the platform

Jefferson Lab IEC 61508/61511 Safety PLC Based Safety System

International Nuclear Information System (INIS)

Mahoney, Kelly; Robertson, Henry

2009-01-01

This paper describes the design of the new 12 GeV Upgrade Personnel Safety System (PSS) at the Thomas Jefferson National Accelerator Facility (TJNAF). The new PSS design is based on the implementation of systems designed to meet international standards IEC61508 and IEC 61511 for programmable safety systems. In order to meet the IEC standards, TJNAF engineers evaluated several SIL 3 Safety PLCs before deciding on an optimal architecture. In addition to hardware considerations, software quality standards and practices must also be considered. Finally, we will discuss R and D that may lead to both high safety reliability and high machine availability that may be applicable to future accelerators such as the ILC.

Intermediate probabilistic safety assessment approach for safety critical digital systems

International Nuclear Information System (INIS)

Taeyong, Sung; Hyun Gook, Kang

2001-01-01

Even though the conventional probabilistic safety assessment methods are immature for applying to microprocessor-based digital systems, practical needs force to apply it. In the Korea, UCN 5 and 6 units are being constructed and Korean Next Generation Reactor is being designed using the digital instrumentation and control equipment for the safety related functions. Korean regulatory body requires probabilistic safety assessment. This paper analyzes the difficulties on the assessment of digital systems and suggests an intermediate framework for evaluating their safety using fault tree models. The framework deals with several important characteristics of digital systems including software modules and fault-tolerant features. We expect that the analysis result will provide valuable design feedback. (authors)

Integrating system safety into the basic systems engineering process

Science.gov (United States)

Griswold, J. W.

1971-01-01

The basic elements of a systems engineering process are given along with a detailed description of what the safety system requires from the systems engineering process. Also discussed is the safety that the system provides to other subfunctions of systems engineering.

Programmable Electronic Safety Systems

International Nuclear Information System (INIS)

Parry, R.

1993-05-01

Traditionally safety systems intended for protecting personnel from electrical and radiation hazards at particle accelerator laboratories have made extensive use of electromechanical relays. These systems have the advantage of high reliability and allow the designer to easily implement failsafe circuits. Relay based systems are also typically simple to design, implement, and test. As systems, such as those presently under development at the Superconducting Super Collider Laboratory (SSCL), increase in size, and the number of monitored points escalates, relay based systems become cumbersome and inadequate. The move toward Programmable Electronic Safety Systems is becoming more widespread and accepted. In developing these systems there are numerous precautions the designer must be concerned with. Designing fail-safe electronic systems with predictable failure states is difficult at best. Redundancy and self-testing are prime examples of features that should be implemented to circumvent and/or detect failures. Programmable systems also require software which is yet another point of failure and a matter of great concern. Therefore the designer must be concerned with both hardware and software failures and build in the means to assure safe operation or shutdown during failures. This paper describes features that should be considered in developing safety systems and describes a system recently installed at the Accelerator Systems String Test (ASST) facility of the SSCL

Cloud/Fog Computing System Architecture and Key Technologies for South-North Water Transfer Project Safety

Directory of Open Access Journals (Sweden)

Yaoling Fan

2018-01-01

Full Text Available In view of the real-time and distributed features of Internet of Things (IoT safety system in water conservancy engineering, this study proposed a new safety system architecture for water conservancy engineering based on cloud/fog computing and put forward a method of data reliability detection for the false alarm caused by false abnormal data from the bottom sensors. Designed for the South-North Water Transfer Project (SNWTP, the architecture integrated project safety, water quality safety, and human safety. Using IoT devices, fog computing layer was constructed between cloud server and safety detection devices in water conservancy projects. Technologies such as real-time sensing, intelligent processing, and information interconnection were developed. Therefore, accurate forecasting, accurate positioning, and efficient management were implemented as required by safety prevention of the SNWTP, and safety protection of water conservancy projects was effectively improved, and intelligential water conservancy engineering was developed.

A Westinghouse designed distributed mircroprocessor based protection and control system

International Nuclear Information System (INIS)

Bruno, J.; Reid, J.B.

1980-01-01

For approximately five years, Westinghouse has been involved in the design and licensing of a distributed microprocessor based system for the protection and control of a pressurized water reactor nuclear steam supply system. A 'top-down' design methodology was used, in which the system global performance objectives were specified, followed by increasingly more detailed design specifications which ultimately decomposed the system into its basic hardware and software elements. The design process and design decisions were influenced by the recognition that the final product would have to be verified to ensure its capability to perform the safety-related functions of a class 1E protection system. The verification process mirrored the design process except that it was 'bottom-up' and thus started with the basic elements and worked upwards through the system in increasingly complex blocks. A number of areas which are of interest in a distributed system are disucssed, with emphasis on two systems. The first, the Integrated Protection System is primarily responsible for processing signals from field mounted sensors to provide for reactor trips and the initiation of the Engineered Safety Features. The Integrated Control System, which is organized in a parallel manner, processes other sensor signals and generates the necessary analog and on-off signals to maintain the plant parameters within specified limits. Points covered include system structure, systems partitioning strategies, communications techniques, software design concepts, reliability and maintainability, commercial component availability, interference susceptibility, licensing issues, and applicability. (LL)

An efficient method for evaluating the effect of input parameters on the integrity of safety systems

International Nuclear Information System (INIS)

Tang, Zhang-Chun; Zuo, Ming J.; Xiao, Ningcong

2016-01-01

Safety systems are significant to reduce or prevent risk from potentially dangerous activities in industry. Probability of failure to perform its functions on demand (PFD) for safety system usually exhibits variation due to the epistemic uncertainty associated with various input parameters. This paper uses the complementary cumulative distribution function of the PFD to define the exceedance probability (EP) that the PFD of the system is larger than the designed value. Sensitivity analysis of safety system is further investigated, which focuses on the effect of the variance of an individual input parameter on the EP resulting from epistemic uncertainty associated with the input parameters. An available numerical technique called finite difference method is first employed to evaluate the effect, which requires extensive computational cost and needs to select a step size. To address these difficulties, this paper proposes an efficient simulation method to estimate the effect. The proposed method needs only an evaluation to estimate the effects corresponding to all input parameters. Two examples are used to demonstrate that the proposed method can obtain more accurate results with less computation time compared to reported methods. - Highlights: • We define a sensitivity index to measure effect of a parameter for safety system. • We analyze the physical meaning of the sensitivity index. • We propose an efficient simulation method to assess the sensitivity index. • We derive the formulations of this index for lognormal and beta distributions. • Results identify important parameters on exceedance probability of safety system.

Considerations on nuclear reactor passive safety systems

International Nuclear Information System (INIS)

2016-01-01

After having indicated some passive safety systems present in electronuclear reactors (control bars, safety injection system accumulators, reactor cooling after stoppage, hydrogen recombination systems), this report recalls the main characteristics of passive safety systems, and discusses the main issues associated with the assessment of new passive systems (notably to face a sustained loss of electric supply systems or of cold water source) and research axis to be developed in this respect. More precisely, the report comments the classification of safety passive systems as it is proposed by the IAEA, outlines and comments specific aspects of these systems regarding their operation and performance. The next part discusses the safety approach, the control of performance of safety passive systems, issues related to their reliability, and the expected contribution of R and D (for example: understanding of physical phenomena which have an influence of these systems, capacities of simulation of these phenomena, needs of experimentations to validate simulation codes)

Application of REPAS Methodology to Assess the Reliability of Passive Safety Systems

Directory of Open Access Journals (Sweden)

Franco Pierro

2009-01-01

Full Text Available The paper deals with the presentation of the Reliability Evaluation of Passive Safety System (REPAS methodology developed by University of Pisa. The general objective of the REPAS is to characterize in an analytical way the performance of a passive system in order to increase the confidence toward its operation and to compare the performances of active and passive systems and the performances of different passive systems. The REPAS can be used in the design of the passive safety systems to assess their goodness and to optimize their costs. It may also provide numerical values that can be used in more complex safety assessment studies and it can be seen as a support to Probabilistic Safety Analysis studies. With regard to this, some examples in the application of the methodology are reported in the paper. A best-estimate thermal-hydraulic code, RELAP5, has been used to support the analyses and to model the selected systems. Probability distributions have been assigned to the uncertain input parameters through engineering judgment. Monte Carlo method has been used to propagate uncertainties and Wilks' formula has been taken into account to select sample size. Failure criterions are defined in terms of nonfulfillment of the defined design targets.

System safety engineering analysis handbook

Science.gov (United States)

Ijams, T. E.

1972-01-01

The basic requirements and guidelines for the preparation of System Safety Engineering Analysis are presented. The philosophy of System Safety and the various analytic methods available to the engineering profession are discussed. A text-book description of each of the methods is included.

Safety performance monitoring of autonomous marine systems

International Nuclear Information System (INIS)

Thieme, Christoph A.; Utne, Ingrid B.

2017-01-01

The marine environment is vast, harsh, and challenging. Unanticipated faults and events might lead to loss of vessels, transported goods, collected scientific data, and business reputation. Hence, systems have to be in place that monitor the safety performance of operation and indicate if it drifts into an intolerable safety level. This article proposes a process for developing safety indicators for the operation of autonomous marine systems (AMS). The condition of safety barriers and resilience engineering form the basis for the development of safety indicators, synthesizing and further adjusting the dual assurance and the resilience based early warning indicator (REWI) approaches. The article locates the process for developing safety indicators in the system life cycle emphasizing a timely implementation of the safety indicators. The resulting safety indicators reflect safety in AMS operation and can assist in planning of operations, in daily operational decision-making, and identification of improvements. Operation of an autonomous underwater vehicle (AUV) exemplifies the process for developing safety indicators and their implementation. The case study shows that the proposed process leads to a comprehensive set of safety indicators. It is expected that application of the resulting safety indicators consequently will contribute to safer operation of current and future AMS. - Highlights: • Process for developing safety indicators for autonomous marine systems. • Safety indicators based on safety barriers and resilience thinking. • Location of the development process in the system lifecycle. • Case study on AUV demonstrating applicability of the process.

78 FR 29392 - Embedded Digital Devices in Safety-Related Systems, Systems Important to Safety, and Items Relied...

Science.gov (United States)

2013-05-20

... NUCLEAR REGULATORY COMMISSION [NRC-2013-0098] Embedded Digital Devices in Safety-Related Systems, Systems Important to Safety, and Items Relied on for Safety AGENCY: Nuclear Regulatory Commission. ACTION... (NRC) is issuing for public comment Draft Regulatory Issue Summary (RIS) 2013-XX, ``Embedded Digital...

The Evolution of System Safety at NASA

Science.gov (United States)

Dezfuli, Homayoon; Everett, Chris; Groen, Frank

2014-01-01

The NASA system safety framework is in the process of change, motivated by the desire to promote an objectives-driven approach to system safety that explicitly focuses system safety efforts on system-level safety performance, and serves to unify, in a purposeful manner, safety-related activities that otherwise might be done in a way that results in gaps, redundancies, or unnecessary work. An objectives-driven approach to system safety affords more flexibility to determine, on a system-specific basis, the means by which adequate safety is achieved and verified. Such flexibility and efficiency is becoming increasingly important in the face of evolving engineering modalities and acquisition models, where, for example, NASA will increasingly rely on commercial providers for transportation services to low-earth orbit. A key element of this objectives-driven approach is the use of the risk-informed safety case (RISC): a structured argument, supported by a body of evidence, that provides a compelling, comprehensible and valid case that a system is or will be adequately safe for a given application in a given environment. The RISC addresses each of the objectives defined for the system, providing a rational basis for making informed risk acceptance decisions at relevant decision points in the system life cycle.

Software Quality Assurance for Nuclear Safety Systems

International Nuclear Information System (INIS)

Sparkman, D R; Lagdon, R

2004-01-01

The US Department of Energy has undertaken an initiative to improve the quality of software used to design and operate their nuclear facilities across the United States. One aspect of this initiative is to revise or create new directives and guides associated with quality practices for the safety software in its nuclear facilities. Safety software includes the safety structures, systems, and components software and firmware, support software and design and analysis software used to ensure the safety of the facility. DOE nuclear facilities are unique when compared to commercial nuclear or other industrial activities in terms of the types and quantities of hazards that must be controlled to protect workers, public and the environment. Because of these differences, DOE must develop an approach to software quality assurance that ensures appropriate risk mitigation by developing a framework of requirements that accomplishes the following goals: (sm b ullet) Ensures the software processes developed to address nuclear safety in design, operation, construction and maintenance of its facilities are safe (sm b ullet) Considers the larger system that uses the software and its impacts (sm b ullet) Ensures that the software failures do not create unsafe conditions Software designers for nuclear systems and processes must reduce risks in software applications by incorporating processes that recognize, detect, and mitigate software failure in safety related systems. It must also ensure that fail safe modes and component testing are incorporated into software design. For nuclear facilities, the consideration of risk is not necessarily sufficient to ensure safety. Systematic evaluation, independent verification and system safety analysis must be considered for software design, implementation, and operation. The software industry primarily uses risk analysis to determine the appropriate level of rigor applied to software practices. This risk-based approach distinguishes safety

77 FR 70409 - System Safety Program

Science.gov (United States)

2012-11-26

...-0060, Notice No. 2] 2130-AC31 System Safety Program AGENCY: Federal Railroad Administration (FRA... rulemaking (NPRM) published on September 7, 2012, FRA proposed regulations to require commuter and intercity passenger railroads to develop and implement a system safety program (SSP) to improve the safety of their...

Modelling safety of multistate systems with ageing components

Energy Technology Data Exchange (ETDEWEB)

Kołowrocki, Krzysztof; Soszyńska-Budny, Joanna [Gdynia Maritime University, Department of Mathematics ul. Morska 81-87, Gdynia 81-225 Poland (Poland)

2016-06-08

An innovative approach to safety analysis of multistate ageing systems is presented. Basic notions of the ageing multistate systems safety analysis are introduced. The system components and the system multistate safety functions are defined. The mean values and variances of the multistate systems lifetimes in the safety state subsets and the mean values of their lifetimes in the particular safety states are defined. The multi-state system risk function and the moment of exceeding by the system the critical safety state are introduced. Applications of the proposed multistate system safety models to the evaluation and prediction of the safty characteristics of the consecutive “m out of n: F” is presented as well.

Modelling safety of multistate systems with ageing components

International Nuclear Information System (INIS)

Kołowrocki, Krzysztof; Soszyńska-Budny, Joanna

2016-01-01

An innovative approach to safety analysis of multistate ageing systems is presented. Basic notions of the ageing multistate systems safety analysis are introduced. The system components and the system multistate safety functions are defined. The mean values and variances of the multistate systems lifetimes in the safety state subsets and the mean values of their lifetimes in the particular safety states are defined. The multi-state system risk function and the moment of exceeding by the system the critical safety state are introduced. Applications of the proposed multistate system safety models to the evaluation and prediction of the safty characteristics of the consecutive “m out of n: F” is presented as well.

Information System Passive Safety at DaimlerChrysler: from vision to reality

Energy Technology Data Exchange (ETDEWEB)

Ruoff, H. [DaimlerChrysler AG, Sindelfingen (Germany)

2001-07-01

Today, short development times and an extensive model range are key factors when it comes to remaining a leading force in the highly competitive automobile market. Information technology plays a crucial role as an 'enabler' in keeping this competitive edge. It is only possible to make full use of existing potential by using 'state-of-the-art' information technology. In particular, this involves making knowledge that is distributed in various systems and 'heads' available quickly and transparently anytime and anywhere. The improved re-use of acquired expertise, efficient information searches, and standardized and seamless applications lead to a high level of performance. This often involves the transformation of a company culture from 'information hider' to 'information provider'. The vision of converting a gradually created, complex range of systems into a seamless sequence of distributed working processes with numerous participants is becoming reality in the Passive Safety area in Automobile/Vehicle Development at DaimlerChrysler. The INFOS Passive Safety information system provides all the data and information, which is required for, or results from, the entire crash test process. (orig.)

Programmable electronic safety systems

International Nuclear Information System (INIS)

Parry, R.R.

1993-01-01

Traditionally safety systems intended for protecting personnel from electrical and radiation hazards at particle accelerator laboratories have made extensive use of electromechanical relays. These systems have the advantage of high reliability and allow the designer to easily implement fail-safe circuits. Relay based systems are also typically simple to design, implement, and test. As systems, such as those presently under development at the Superconducting Super Collider Laboratory (SSCL), increase in size, and the number of monitored points escalates, relay based systems become cumbersome and inadequate. The move toward Programmable Electronic Safety Systems is becoming more widespread and accepted. In developing these systems there are numerous precautions the designer must be concerned with. Designing fail-safe electronic systems with predictable failure states is difficult at best. Redundancy and self-testing are prime examples of features that should be implemented to circumvent and/or detect failures. Programmable systems also require software which is yet another point of failure and a matter of great concern. Therefore the designer must be concerned with both hardware and software failures and build in the means to assure safe operation or shutdown during failures. This paper describes features that should be considered in developing safety systems and describes a system recently installed at the Accelerator Systems String Test (ASST) facility of the SSCL

Performance and Economic Analysis of Distributed Power Electronics in Photovoltaic Systems

Energy Technology Data Exchange (ETDEWEB)

Deline, C.; Marion, B.; Granata, J.; Gonzalez, S.

2011-01-01

Distributed electronics like micro-inverters and DC-DC converters can help recover mismatch and shading losses in photovoltaic (PV) systems. Under partially shaded conditions, the use of distributed electronics can recover between 15-40% of annual performance loss or more, depending on the system configuration and type of device used. Additional value-added features may also increase the benefit of using per-panel distributed electronics, including increased safety, reduced system design constraints and added monitoring and diagnostics. The economics of these devices will also become more favorable as production volume increases, and integration within the solar panel?s junction box reduces part count and installation time. Some potential liabilities of per-panel devices include increased PV system cost, additional points of failure, and an insertion loss that may or may not offset performance gains under particular mismatch conditions.

The hierarchy of essential CANDU reactor control functions in a distributed system

International Nuclear Information System (INIS)

Mercier, P.

1980-01-01

Control functions in CANDU nuclear generating stations are programmed within two centralized and redundant minicomputers while safety functions are covered by conventional analog systems. This set-up is a product of standards, economic and technical considerations which are now being modified by the maturing of microprocessors, the progress in digital communications and the development of mathematical process models. Starting from the control and safety systems installed in Gentilly-2, this paper analyses trends that will affect the implementation of essential control functions within a distributed system. In particular, it emphasizes the characteristics of future software systems that must be built-in in order to comply with important operational requirements of nuclear generating stations. (auth) [fr

System safety education focused on industrial engineering

Science.gov (United States)

Johnston, W. L.; Morris, R. S.

1971-01-01

An educational program, designed to train students with the specific skills needed to become safety specialists, is described. The discussion concentrates on application, selection, and utilization of various system safety analytical approaches. Emphasis is also placed on the management of a system safety program, its relationship with other disciplines, and new developments and applications of system safety techniques.

Physical safety: using of multimedia technology

International Nuclear Information System (INIS)

Munoz Garcia, M.

1995-01-01

For managing physical safety systems in nuclear power plants sophisticated computer equipment is essential. Standard safety procedure requires systems distributed throughout the plant, especially at security posts: Entrance Door, Access Control Center, Restricted Areas, etc. Besides being highly distributed, computerized physical safety management systems have always been characterized by the need to integrate very different elements. Graphic images have always played a very important role: photographs, fingerprints, signatures, etc. This makes integrated multimedia modules the ideal solution. This presentation describes how safety systems can combine not only still images, but also other multimedia data such as sound and video. It examines methodologies for using this new technology to upgrade high cost computer systems already in operation that can not be replaced. (Author)

Smart Distribution Systems

Directory of Open Access Journals (Sweden)

Yazhou Jiang

2016-04-01

Full Text Available The increasing importance of system reliability and resilience is changing the way distribution systems are planned and operated. To achieve a distribution system self-healing against power outages, emerging technologies and devices, such as remote-controlled switches (RCSs and smart meters, are being deployed. The higher level of automation is transforming traditional distribution systems into the smart distribution systems (SDSs of the future. The availability of data and remote control capability in SDSs provides distribution operators with an opportunity to optimize system operation and control. In this paper, the development of SDSs and resulting benefits of enhanced system capabilities are discussed. A comprehensive survey is conducted on the state-of-the-art applications of RCSs and smart meters in SDSs. Specifically, a new method, called Temporal Causal Diagram (TCD, is used to incorporate outage notifications from smart meters for enhanced outage management. To fully utilize the fast operation of RCSs, the spanning tree search algorithm is used to develop service restoration strategies. Optimal placement of RCSs and the resulting enhancement of system reliability are discussed. Distribution system resilience with respect to extreme events is presented. Test cases are used to demonstrate the benefit of SDSs. Active management of distributed generators (DGs is introduced. Future research in a smart distribution environment is proposed.

Radiation safety systems at the NSLS

International Nuclear Information System (INIS)

Dickinson, T.

1987-04-01

This report describes design principles that were used to establish the radiation safety systems at the National Synchrotron Light Source. The author described existing safety systems and the history of partial system failures. 1 fig

Role of systems safety in maintaining affordable safety in the 1980's

International Nuclear Information System (INIS)

Hollister, H.; Trauth, C.A. Jr.

1979-01-01

Historically, the Department of Energy and its predecessors have used and supported the development of systems safety programs, practices, and principles, finding them by and large adequate, effective, and managerially efficient. Today, attempts are bing made to resolve increasingly complex environmental, safety, and health problems by turning to increasingly complex and detailed regulation as the primary governmental answer. It is increasingly doubtful that such an approach will provide management of these issues and problems that is either effective or efficient. Challenge is issued to those in systems safety to develop and apply systems safety principles and practices more broadly to total operational systems and not just to hardware and to environmental and health protection and not just to safety, so that the total universe of environmental, safety, and health can be managed effectively and efficiently with encouragement of innovation and creativity, using a relatively brief and concise, but adequate, regulatory base

Systems Safety and Engineering Division

Data.gov (United States)

Federal Laboratory Consortium — Volpe's Systems Safety and Engineering Division conducts engineering, research, and analysis to improve transportation safety, capacity, and resiliency. We provide...

Design for safety: theoretical framework of the safety aspect of BIM system to determine the safety index

Directory of Open Access Journals (Sweden)

Ai Lin Evelyn Teo

2016-12-01

Full Text Available Despite the safety improvement drive that has been implemented in the construction industry in Singapore for many years, the industry continues to report the highest number of workplace fatalities, compared to other industries. The purpose of this paper is to discuss the theoretical framework of the safety aspect of a proposed BIM System to determine a Safety Index. An online questionnaire survey was conducted to ascertain the current workplace safety and health situation in the construction industry and explore how BIM can be used to improve safety performance in the industry. A safety hazard library was developed based on the main contributors to fatal accidents in the construction industry, determined from the formal records and existing literature, and a series of discussions with representatives from the Workplace Safety and Health Institute (WSH Institute in Singapore. The results from the survey suggested that the majority of the firms have implemented the necessary policies, programmes and procedures on Workplace Safety and Health (WSH practices. However, BIM is still not widely applied or explored beyond the mandatory requirement that building plans should be submitted to the authorities for approval in BIM format. This paper presents a discussion of the safety aspect of the Intelligent Productivity and Safety System (IPASS developed in the study. IPASS is an intelligent system incorporating the buildable design concept, theory on the detection, prevention and control of hazards, and the Construction Safety Audit Scoring System (ConSASS. The system is based on the premise that safety should be considered at the design stage, and BIM can be an effective tool to facilitate the efforts to enhance safety performance. IPASS allows users to analyse and monitor key aspects of the safety performance of the project before the project starts and as the project progresses.

Improved safety of the system 80+TM standard plants design through increased diversity and redundancy of safety systems

International Nuclear Information System (INIS)

Matzie, Regis A.; Carpentino, Frederick L.; Robertson, James E.

1996-01-01

Safely systems in the System 80+ TM Standard Plant are designed with more redundancy, diversity and simplicity than earlier nuclear power plant designs. These gains were accomplished by an evolutionary process that preserved the desirable and proven features in currently operating nuclear plants, while improving reliability and defense-in-depth. The System 80+ safety systems are the primary contributors to a core damage frequency that is more than 100 times lower than 1980's vintage U. S. designs, including the predecessor System 80 R standard nuclear steam supply system (NSSS) design. The System 80+ design includes significant improvements to the safety injection system, emergency feedwater system, shutdown cooling system, containment spray system, reactor coolant gas vent system, and to their vital support systems. These improvements enhance performance for traditional design basis events and significantly reduce the probability of a severe accident. The System 80+ design also incorporates safety systems to mitigate a severe accident. The added systems include the rapid depressurization system, the in-containment refueling water storage tank, the cavity flooding system. These systems fully address the U. S. Nuclear Regulatory Commission's (US NRC) severe accident policy. The System 80+ safety systems are integrated with the System 80+ Nuclear Island (NI) design. The NI general arrangement provides quadrant separation of the safety systems for protection from fire and flooding, and large equipment pull spaces and lay down areas for maintenance. This paper will describe the System 80+ safety systems advanced design features, the improved accident prevention and mitigation capabilities, and startup, operating and maintenance benefits

Product Engineering Class in the Software Safety Risk Taxonomy for Building Safety-Critical Systems

Science.gov (United States)

Hill, Janice; Victor, Daniel

2008-01-01

When software safety requirements are imposed on legacy safety-critical systems, retrospective safety cases need to be formulated as part of recertifying the systems for further use and risks must be documented and managed to give confidence for reusing the systems. The SEJ Software Development Risk Taxonomy [4] focuses on general software development issues. It does not, however, cover all the safety risks. The Software Safety Risk Taxonomy [8] was developed which provides a construct for eliciting and categorizing software safety risks in a straightforward manner. In this paper, we present extended work on the taxonomy for safety that incorporates the additional issues inherent in the development and maintenance of safety-critical systems with software. An instrument called a Software Safety Risk Taxonomy Based Questionnaire (TBQ) is generated containing questions addressing each safety attribute in the Software Safety Risk Taxonomy. Software safety risks are surfaced using the new TBQ and then analyzed. In this paper we give the definitions for the specialized Product Engineering Class within the Software Safety Risk Taxonomy. At the end of the paper, we present the tool known as the 'Legacy Systems Risk Database Tool' that is used to collect and analyze the data required to show traceability to a particular safety standard

Risk analysis of highly combustible gas storage, supply, and distribution systems in PWR plants

International Nuclear Information System (INIS)

Simion, G.P.; VanHorn, R.L.; Smith, C.L.; Bickel, J.H.; Sattison, M.B.; Bulmahn, K.D.

1993-06-01

This report presents the evaluation of the potential safety concerns for pressurized water reactors (PWRs) identified in Generic Safety Issue 106, Piping and the Use of Highly Combustible Gases in Vital Areas. A Westinghouse four-loop PWR plant was analyzed for the risk due to the use of combustible gases (predominantly hydrogen) within the plant. The analysis evaluated an actual hydrogen distribution configuration and conducted several sensitivity studies to determine the potential variability among PWRs. The sensitivity studies were based on hydrogen and safety-related equipment configurations observed at other PWRs within the United States. Several options for improving the hydrogen distribution system design were identified and evaluated for their effect on risk and core damage frequency. A cost/benefit analysis was performed to determine whether alternatives considered were justifiable based on the safety improvement and economics of each possible improvement

Software system safety

Science.gov (United States)

Uber, James G.

1988-01-01

Software itself is not hazardous, but since software and hardware share common interfaces there is an opportunity for software to create hazards. Further, these software systems are complex, and proven methods for the design, analysis, and measurement of software safety are not yet available. Some past software failures, future NASA software trends, software engineering methods, and tools and techniques for various software safety analyses are reviewed. Recommendations to NASA are made based on this review.

Probabilistic safety criteria at the safety function/system level

International Nuclear Information System (INIS)

1989-09-01

A Technical Committee Meeting was held in Vienna, Austria, from 26-30 January 1987. The objectives of the meeting were: to review the national developments of PSC at the level of safety functions/systems including future trends; to analyse basic principles, assumptions, and objectives; to compare numerical values and the rationale for choosing them; to compile the experience with use of such PSC; to analyse the role of uncertainties in particular regarding procedures for showing compliance. The general objective of establishing PSC at the level of safety functions/systems is to provide a pragmatic tool to evaluate plant safety which is placing emphasis on the prevention principle. Such criteria could thus lead to a better understanding of the importance to safety of the various functions which have to be performed to ensure the safety of the plant, and the engineering means of performing these functions. They would reflect the state-of-the-art in modern PSAs and could contribute to a balance in system design. This report, prepared by the participants of the meeting, reviews the current status and future trends in the field and should assist Member States in developing their national approaches. The draft of this document was also submitted to INSAG to be considered in its work to prepare a document on safety principles for nuclear power plants. Five papers presented at the meeting are also included in this publication. A separate abstract was prepared for each of these papers. Refs, figs and tabs

Distributed Impact Detector System (DIDS) Health Monitoring System Evaluation

Science.gov (United States)

Prosser, William H.; Madaras, Eric I.

2010-01-01

Damage due to impacts from micrometeoroids and orbital debris is one of the most significant on-orbit hazards for spacecraft. Impacts to thermal protection systems must be detected and the damage evaluated to determine if repairs are needed to allow safe re-entry. To address this issue for the International Space Station Program, Langley Research Center and Johnson Space Center technologists have been working to develop and implement advanced methods for detecting impacts and resultant leaks. LaRC funded a Small Business Innovative Research contract to Invocon, Inc. to develop special wireless sensor systems that are compact, light weight, and have long battery lifetimes to enable applications to long duration space structures. These sensor systems are known as distributed impact detection systems (DIDS). In an assessment, the NASA Engineering and Safety Center procured two prototype DIDS sensor units to evaluate their capabilities in laboratory testing and field testing in an ISS Node 1 structural test article. This document contains the findings of the assessment.

Reactor Safety Assessment System

International Nuclear Information System (INIS)

Sebo, D.E.; Bray, M.A.; King, M.A.

1987-01-01

The Reactor Safety Assessment System (RSAS) is an expert system under development for the United States Nuclear Regulatory Commission (USNRC). RSAS is designed for use at the USNRC Operations Center in the event of a serious incident at a licensed nuclear power plant. RSAS is a situation assessment expert system which uses plant parametric data to generate conclusions for use by the NRC Reactor Safety Team. RSAS uses multiple rule bases and plant specific setpoint files to be applicable to all licensed nuclear power plants in the United States. RSAS currently covers several generic reactor categories and multiple plants within each category

Reactor safety assessment system

International Nuclear Information System (INIS)

Sebo, D.E.; Bray, M.A.; King, M.A.

1987-01-01

The Reactor Safety Assessment System (RSAS) is an expert system under development for the United States Nuclear Regulatory Commission (USNRC). RSA is designed for use at the USNRC Operations Center in the event of a serious incident at a licensed nuclear power plant. RSAS is a situation assessment expert system which uses plant parametric data to generate conclusions for use by the NRC Reactor Safety Team. RSAS uses multiple rule bases and plant specific setpoint files to be applicable to all licensed nuclear power plants in the United States. RSAS currently covers several generic reactor categories and multiple plants within each category

Safety systems and safety analysis of the Qinshan phase III CANDU nuclear power plant

International Nuclear Information System (INIS)

Cai Jianping; Shen Sen; Barkman, N.

1999-01-01

The author introduces the Canadian nuclear reactor safety philosophy and the Qinshan Phase III CANDU NPP safety systems and safety analysis, which are designed and performed according to this philosophy. The concept of 'defence-in-depth' is a key element of the Canadian nuclear reactor safety philosophy. The design concepts of redundancy, diversity, separation, equipment qualification, quality assurance, and use of appropriate design codes and standards are adopted in the design. Four special safety systems as well as a set of reliable safety support systems are incorporated in the design of Qinshan phase III CANDU for accident mitigation. The assessment results for safety systems performance show that the fundamental safety criteria for public dose, and integrity of fuel, channels and the reactor building, are satisfied

A distributed clinical decision support system architecture

Directory of Open Access Journals (Sweden)

Shaker H. El-Sappagh

2014-01-01

Full Text Available This paper proposes an open and distributed clinical decision support system architecture. This technical architecture takes advantage of Electronic Health Record (EHR, data mining techniques, clinical databases, domain expert knowledge bases, available technologies and standards to provide decision-making support for healthcare professionals. The architecture will work extremely well in distributed EHR environments in which each hospital has its own local EHR, and it satisfies the compatibility, interoperability and scalability objectives of an EHR. The system will also have a set of distributed knowledge bases. Each knowledge base will be specialized in a specific domain (i.e., heart disease, and the model achieves cooperation, integration and interoperability between these knowledge bases. Moreover, the model ensures that all knowledge bases are up-to-date by connecting data mining engines to each local knowledge base. These data mining engines continuously mine EHR databases to extract the most recent knowledge, to standardize it and to add it to the knowledge bases. This framework is expected to improve the quality of healthcare, reducing medical errors and guaranteeing the safety of patients by helping clinicians to make correct, accurate, knowledgeable and timely decisions.

Food safety performance indicators to benchmark food safety output of food safety management systems.

Science.gov (United States)

Jacxsens, L; Uyttendaele, M; Devlieghere, F; Rovira, J; Gomez, S Oses; Luning, P A

2010-07-31

There is a need to measure the food safety performance in the agri-food chain without performing actual microbiological analysis. A food safety performance diagnosis, based on seven indicators and corresponding assessment grids have been developed and validated in nine European food businesses. Validation was conducted on the basis of an extensive microbiological assessment scheme (MAS). The assumption behind the food safety performance diagnosis is that food businesses which evaluate the performance of their food safety management system in a more structured way and according to very strict and specific criteria will have a better insight in their actual microbiological food safety performance, because food safety problems will be more systematically detected. The diagnosis can be a useful tool to have a first indication about the microbiological performance of a food safety management system present in a food business. Moreover, the diagnosis can be used in quantitative studies to get insight in the effect of interventions on sector or governmental level. Copyright 2010 Elsevier B.V. All rights reserved.

Seismic Fragility of the LANL Fire Water Distribution System

Energy Technology Data Exchange (ETDEWEB)

Greg Mertz

2007-03-30

The purpose of this report is to present the results of a site-wide system fragility assessment. This assessment focuses solely on the performance of the water distribution systems that supply Chemical and Metallurgy Research (CMR), Weapons Engineering and Tritium Facility (WETF), Radioactive Liquid Waste Treatment Facility (RLWTF), Waste Characterization, Reduction, Repackaging Facility (WCRRF), and Transuranic Waste Inspectable Storage Project (TWISP). The analysis methodology is based on the American Lifelines Alliance seismic fragility formulations for water systems. System fragilities are convolved with the 1995 LANL seismic hazards to develop failure frequencies. Acceptance is determined by comparing the failure frequencies to the DOE-1020 Performance Goals. This study concludes that: (1) If a significant number of existing isolation valves in the water distribution system are closed to dedicate the entire water system to fighting fires in specific nuclear facilities; (2) Then, the water distribution systems for WETF, RLWTF, WCRRF, and TWISP meet the PC-2 performance goal and the water distribution system for CMR is capable of surviving a 0.06g earthquake. A parametric study of the WETF water distribution system demonstrates that: (1) If a significant number of valves in the water distribution system are NOT closed to dedicate the entire water system to fighting fires in WETF; (2) Then, the water distribution system for WETF has an annual probability of failure on the order of 4 x 10{sup -3} that does not meet the PC-2 performance goal. Similar conclusions are expected for CMR, RLWTF, WCRRF, and TWISP. It is important to note that some of the assumptions made in deriving the results should be verified by personnel in the safety-basis office and may need to be incorporated in technical surveillance requirements in the existing authorization basis documentation if credit for availability of fire protection water is taken at the PC-2 level earthquake levels

Seismic Fragility of the LANL Fire Water Distribution System

International Nuclear Information System (INIS)

Greg Mertz Jason Cardon Mike Salmon

2007-01-01

The purpose of this report is to present the results of a site-wide system fragility assessment. This assessment focuses solely on the performance of the water distribution systems that supply Chemical and Metallurgy Research (CMR), Weapons Engineering and Tritium Facility (WETF), Radioactive Liquid Waste Treatment Facility (RLWTF), Waste Characterization, Reduction, Repackaging Facility (WCRRF), and Transuranic Waste Inspectable Storage Project (TWISP). The analysis methodology is based on the American Lifelines Alliance seismic fragility formulations for water systems. System fragilities are convolved with the 1995 LANL seismic hazards to develop failure frequencies. Acceptance is determined by comparing the failure frequencies to the DOE-1020 Performance Goals. This study concludes that: (1) If a significant number of existing isolation valves in the water distribution system are closed to dedicate the entire water system to fighting fires in specific nuclear facilities; (2) Then, the water distribution systems for WETF, RLWTF, WCRRF, and TWISP meet the PC-2 performance goal and the water distribution system for CMR is capable of surviving a 0.06g earthquake. A parametric study of the WETF water distribution system demonstrates that: (1) If a significant number of valves in the water distribution system are NOT closed to dedicate the entire water system to fighting fires in WETF; (2) Then, the water distribution system for WETF has an annual probability of failure on the order of 4 x 10 -3 that does not meet the PC-2 performance goal. Similar conclusions are expected for CMR, RLWTF, WCRRF, and TWISP. It is important to note that some of the assumptions made in deriving the results should be verified by personnel in the safety-basis office and may need to be incorporated in technical surveillance requirements in the existing authorization basis documentation if credit for availability of fire protection water is taken at the PC-2 level earthquake levels

Safety-critical Java for embedded systems

DEFF Research Database (Denmark)

Schoeberl, Martin; Dalsgaard, Andreas Engelbredt; Hansen, René Rydhof

2016-01-01

This paper presents the motivation for and outcomes of an engineering research project on certifiable Javafor embedded systems. The project supports the upcoming standard for safety-critical Java, which defines asubset of Java and libraries aiming for development of high criticality systems....... The outcome of this projectinclude prototype safety-critical Java implementations, a time-predictable Java processor, analysis tools formemory safety, and example applications to explore the usability of safety-critical Java for this applicationarea. The text summarizes developments and key contributions...

Concept of passive safe small reactor for distributed energy supply system

International Nuclear Information System (INIS)

Ishida, Toshihisa; Nakajima, Nobuya; Sawada, Ken-ichi; Yoritsune, Tsutomu; Shimada, Shoichiro; Nakano, Yoshihiro; Yonomoto, Taisuke; Takahashi, Hiroki

2003-01-01

This paper presents a concept of a Passive Safe Small Reactor for Distributed energy supply system (PSRD). The PSRD is an integrated-type PWR with reactor thermal power of 100 to 300 MW aimed at supplying electricity, district heating, etc. In design of the PSRD, high priority is laid on enhancement of safety as well as improvement of economy. Safety is enhanced by the following means: i) Extreme reduction of pipes penetrating the reactor vessel, by limiting to only those of the steam, the feed water and the safety valves, ii) Adoption of the water filled containment and the passive safety systems with fluid driven by natural circulation force, and iii) Adoption of the in-vessel type control rod drive mechanism, accompanying a passive reactor shut-down. To comply with a severe operation condition of PSRD, material of the ball bearing with graphite retainer has been selected by test. For improvement of economy, simplification of the reactor system and long operation of the core are achieved. Optimization of core design concerning the burnable poison ensures the burn-up of 28 GWd/t for low enriched UO 2 fuel rods. (author)

A study of software safety analysis system for safety-critical software

International Nuclear Information System (INIS)

Chang, H. S.; Shin, H. K.; Chang, Y. W.; Jung, J. C.; Kim, J. H.; Han, H. H.; Son, H. S.

2004-01-01

The core factors and requirements for the safety-critical software traced and the methodology adopted in each stage of software life cycle are presented. In concept phase, Failure Modes and Effects Analysis (FMEA) for the system has been performed. The feasibility evaluation of selected safety parameter was performed and Preliminary Hazards Analysis list was prepared using HAZOP(Hazard and Operability) technique. And the check list for management control has been produced via walk-through technique. Based on the evaluation of the check list, activities to be performed in requirement phase have been determined. In the design phase, hazard analysis has been performed to check the safety capability of the system with regard to safety software algorithm using Fault Tree Analysis (FTA). In the test phase, the test items based on FMEA have been checked for fitness guided by an accident scenario. The pressurizer low pressure trip algorithm has been selected to apply FTA method to software safety analysis as a sample. By applying CASE tool, the requirements traceability of safety critical system has been enhanced during all of software life cycle phases

Safety assessment for Generation IV nuclear systems

International Nuclear Information System (INIS)

Leahy, T.J.

2012-01-01

The Generation IV International Forum (GIF) Risk and Safety Working Group (RSWG) was created to develop an effective approach for the safety of Generation IV advanced nuclear energy systems. Recent RSWG work has focused on the definition of an integrated safety assessment methodology (ISAM) for evaluating the safety of Generation IV systems. ISAM is an integrated 'tool-kit' consisting of 5 analytical techniques that are available and matched to appropriate stages of Generation IV system concept development: 1) qualitative safety features review - QSR, 2) phenomena identification and ranking table - PIRT, 3) objective provision tree - OPT, 4) deterministic and phenomenological analyses - DPA, and 5) probabilistic safety analysis - PSA. The integrated methodology is intended to yield safety-related insights that help actively drive the evolving design throughout the technology development cycle, potentially resulting in enhanced safety, reduced costs, and shortened development time

Preclosure radiological safety assessment for the ground support system in the exploratory studies facility

International Nuclear Information System (INIS)

Smith, A.J.; Tsai, F.C.

1995-01-01

An initial probabilistic safety assessment was performed for the exploratory studies facility underground opening to determine whether the ground support system should be classified as an item important to safety. The initiating event was taken to be a rock fall in an operational facility impacting a loaded waste transporter. Rock fall probability rates were estimated from data reported by commercial mining operations. This information was retrieved from the data base compiled by the Mining Safety and Health Administration from the mandatory reporting of incidents. The statistical distribution of the rock fall magnitude was estimated from the horizontal and vertical spacing fractures measured at the Yucca Mountain repository horizon. Simple models were developed to estimate container deformation and radionuclide releases arising from the projected distribution of impacts. Accepted techniques were used to calculate atmospheric dispersion and obtain the committed dose to individuals

Analysis of tank safety with propane-butane on LPG distribution station

Directory of Open Access Journals (Sweden)

Krzysiak Zbigniew

2017-12-01

Full Text Available An analysis of the risk of failure in the safety valve – tank with propane-butane (LPG system has been conducted. An uncontrolled outflow of liquid LPG, caused by a failure of the above mentioned system has been considered as a threat. The main research goal of the study is the hazardous analysis of propane-butane gas outflow for the safety valve – LPG tank system. The additional goal is the development of an useful method to fast identify the hazard of a mismatched safety valve. The results of the research analysis have confirmed that safety valves are basic protection of the installation (tank against failures that can lead to loss of life, material damage and further undesired costs of their unreliability. That is why a new, professional computer program has been created that allows for the selection of safety valves or for the verification of a safety valve selection in installations where any technical or technological changes have been made.

OBTAINING FOOD SAFETY BY APPLYING HACCP SYSTEM

Directory of Open Access Journals (Sweden)

ION CRIVEANU

2012-01-01

Full Text Available In order to increase the confidence of the trading partners and consumers in the products which are sold on the market, enterprises producing food are required to implement the food safety system HACCP,a particularly useful system because the manufacturer is not able to fully control finished products . SR EN ISO 22000:2005 establishes requirements for a food safety management system where an organization in the food chain needs to proove its ability to control food safety hazards in order to ensure that food is safe at the time of human consumption. This paper presents the main steps which ensure food safety using the HACCP system, and SR EN ISO 20000:2005 requirements for food safety.

Industrial Personal Computer based Display for Nuclear Safety System

International Nuclear Information System (INIS)

Kim, Ji Hyeon; Kim, Aram; Jo, Jung Hee; Kim, Ki Beom; Cheon, Sung Hyun; Cho, Joo Hyun; Sohn, Se Do; Baek, Seung Min

2014-01-01

The safety display of nuclear system has been classified as important to safety (SIL:Safety Integrity Level 3). These days the regulatory agencies are imposing more strict safety requirements for digital safety display system. To satisfy these requirements, it is necessary to develop a safety-critical (SIL 4) grade safety display system. This paper proposes industrial personal computer based safety display system with safety grade operating system and safety grade display methods. The description consists of three parts, the background, the safety requirements and the proposed safety display system design. The hardware platform is designed using commercially available off-the-shelf processor board with back plane bus. The operating system is customized for nuclear safety display application. The display unit is designed adopting two improvement features, i.e., one is to provide two separate processors for main computer and display device using serial communication, and the other is to use Digital Visual Interface between main computer and display device. In this case the main computer uses minimized graphic functions for safety display. The display design is at the conceptual phase, and there are several open areas to be concreted for a solid system. The main purpose of this paper is to describe and suggest a methodology to develop a safety-critical display system and the descriptions are focused on the safety requirement point of view

Industrial Personal Computer based Display for Nuclear Safety System

Energy Technology Data Exchange (ETDEWEB)

Kim, Ji Hyeon; Kim, Aram; Jo, Jung Hee; Kim, Ki Beom; Cheon, Sung Hyun; Cho, Joo Hyun; Sohn, Se Do; Baek, Seung Min [KEPCO, Youngin (Korea, Republic of)

2014-08-15

The safety display of nuclear system has been classified as important to safety (SIL:Safety Integrity Level 3). These days the regulatory agencies are imposing more strict safety requirements for digital safety display system. To satisfy these requirements, it is necessary to develop a safety-critical (SIL 4) grade safety display system. This paper proposes industrial personal computer based safety display system with safety grade operating system and safety grade display methods. The description consists of three parts, the background, the safety requirements and the proposed safety display system design. The hardware platform is designed using commercially available off-the-shelf processor board with back plane bus. The operating system is customized for nuclear safety display application. The display unit is designed adopting two improvement features, i.e., one is to provide two separate processors for main computer and display device using serial communication, and the other is to use Digital Visual Interface between main computer and display device. In this case the main computer uses minimized graphic functions for safety display. The display design is at the conceptual phase, and there are several open areas to be concreted for a solid system. The main purpose of this paper is to describe and suggest a methodology to develop a safety-critical display system and the descriptions are focused on the safety requirement point of view.

The LHC personnel safety system

International Nuclear Information System (INIS)

Ninin, P.; Valentini, F.; Ladzinski, T.

2011-01-01

Large particle physics installations such as the CERN Large Hadron Collider require specific Personnel Safety Systems (PSS) to protect the personnel against the radiological and industrial hazards. In order to fulfill the French regulation in matter of nuclear installations, the principles of IEC 61508 and IEC 61513 standard are used as a methodology framework to evaluate the criticality of the installation, to design and to implement the PSS.The LHC PSS deals with the implementation of all physical barriers, access controls and interlock devices around the 27 km of underground tunnel, service zones and experimental caverns of the LHC. The system shall guarantee the absence of personnel in the LHC controlled areas during the machine operations and, on the other hand, ensure the automatic accelerator shutdown in case of any safety condition violation, such as an intrusion during beam circulation. The LHC PSS has been conceived as two separate and independent systems: the LHC Access Control System (LACS) and the LHC Access Safety System (LASS). The LACS, using off the shelf technologies, realizes all physical barriers and regulates all accesses to the underground areas by identifying users and checking their authorizations.The LASS has been designed according to the principles of the IEC 61508 and 61513 standards, starting from a risk analysis conducted on the LHC facility equipped with a standard access control system. It consists in a set of safety functions realized by a dedicated fail-safe and redundant hardware guaranteed to be of SIL3 class. The integration of various technologies combining electronics, sensors, video and operational procedures adopted to establish an efficient personnel safety system for the CERN LHC accelerator is presented in this paper. (authors)

Development of System Model for Level 1 Probabilistic Safety Assessment of TRIGA PUSPATI Reactor

International Nuclear Information System (INIS)

Tom, P.P; Mazleha Maskin; Ahmad Hassan Sallehudin Mohd Sarif; Faizal Mohamed; Mohd Fazli Zakaria; Shaharum Ramli; Muhamad Puad Abu

2014-01-01

Nuclear safety is a very big issue in the world. As a consequence of the accident at Fukushima, Japan, most of the reactors in the world have been reviewed their safety of the reactors including also research reactors. To develop Level 1 Probabilistic Safety Assessment (PSA) of TRIGA PUSPATI Reactor (RTP), three organizations are involved; Nuclear Malaysia, AELB and UKM. PSA methodology is a logical, deductive technique which specifies an undesired top event and uses fault trees and event trees to model the various parallel and sequential combinations of failures that might lead to an undesired event. Fault Trees (FT) methodology is use in developing of system models. At the lowest level, the Basic Events (BE) of the fault trees (components failure and human errors) are assigned probability distributions. In this study, Risk Spectrum software used to construct the fault trees and analyze the system models. The results of system models analysis such as core damage frequency (CDF), minimum cut set (MCS) and common cause failure (CCF) uses to support decision making for upgrading or modification of the RTP?s safety system. (author)

Cost benefit analysis of reactor safety systems

International Nuclear Information System (INIS)

Maurer, H.A.

1984-01-01

Cost/benefit analysis of reactor safety systems is a possibility appropriate to deal with reactor safety. The Commission of the European Communities supported a study on the cost-benefit or cost effectiveness of safety systems installed in modern PWR nuclear power plants. The following systems and their cooperation in emergency cases were in particular investigated in this study: the containment system (double containment), the leakage exhaust and control system, the annulus release exhaust system and the containment spray system. The benefit of a safety system is defined according to its contribution to the reduction of the radiological consequences for the environment after a LOCA. The analysis is so far performed in two different steps: the emergency core cooling system is considered to function properly, failure of the emergency core cooling system is assumed (with the possible consequence of core melt-down) and the results may demonstrate the evidence that striving for cost-effectiveness can produce a safer end result than the philosophy of safety at any cost. (orig.)

Safer Systems: A NextGen Aviation Safety Strategic Goal

Science.gov (United States)

Darr, Stephen T.; Ricks, Wendell R.; Lemos, Katherine A.

2008-01-01

The Joint Planning and Development Office (JPDO), is charged by Congress with developing the concepts and plans for the Next Generation Air Transportation System (NextGen). The National Aviation Safety Strategic Plan (NASSP), developed by the Safety Working Group of the JPDO, focuses on establishing the goals, objectives, and strategies needed to realize the safety objectives of the NextGen Integrated Plan. The three goal areas of the NASSP are Safer Practices, Safer Systems, and Safer Worldwide. Safer Practices emphasizes an integrated, systematic approach to safety risk management through implementation of formalized Safety Management Systems (SMS) that incorporate safety data analysis processes, and the enhancement of methods for ensuring safety is an inherent characteristic of NextGen. Safer Systems emphasizes implementation of safety-enhancing technologies, which will improve safety for human-centered interfaces and enhance the safety of airborne and ground-based systems. Safer Worldwide encourages coordinating the adoption of the safer practices and safer systems technologies, policies and procedures worldwide, such that the maximum level of safety is achieved across air transportation system boundaries. This paper introduces the NASSP and its development, and focuses on the Safer Systems elements of the NASSP, which incorporates three objectives for NextGen systems: 1) provide risk reducing system interfaces, 2) provide safety enhancements for airborne systems, and 3) provide safety enhancements for ground-based systems. The goal of this paper is to expose avionics and air traffic management system developers to NASSP objectives and Safer Systems strategies.

Distributed processor systems

International Nuclear Information System (INIS)

Zacharov, B.

1976-01-01

In recent years, there has been a growing tendency in high-energy physics and in other fields to solve computational problems by distributing tasks among the resources of inter-coupled processing devices and associated system elements. This trend has gained further momentum more recently with the increased availability of low-cost processors and with the development of the means of data distribution. In two lectures, the broad question of distributed computing systems is examined and the historical development of such systems reviewed. An attempt is made to examine the reasons for the existence of these systems and to discern the main trends for the future. The components of distributed systems are discussed in some detail and particular emphasis is placed on the importance of standards and conventions in certain key system components. The ideas and principles of distributed systems are discussed in general terms, but these are illustrated by a number of concrete examples drawn from the context of the high-energy physics environment. (Auth.)

Development of digital safety system logic and control

International Nuclear Information System (INIS)

Nishikawa, H.; Sakamoto, H.

1995-01-01

Advanced-BWR (ABWR) uses total digital control and instrumentation (C and I) system. In particular, ABWR adopts a newly developed safety system using advanced digital technology. In the presentation the digital safety system design, manufacturing and factory validation test method are shortly overviewed. The digital safety system consists of micro-processor based digital controllers, data and information transmission by optical fibers and human-machine interface using color flat displays. This new developed safety system meet the nuclear safety requirements such as high reliability, independence of divisions, operability and maintainability. (2 refs., 4 figs., 1 tab.)

The adaptive safety analysis and monitoring system

Science.gov (United States)

Tu, Haiying; Allanach, Jeffrey; Singh, Satnam; Pattipati, Krishna R.; Willett, Peter

2004-09-01

The Adaptive Safety Analysis and Monitoring (ASAM) system is a hybrid model-based software tool for assisting intelligence analysts to identify terrorist threats, to predict possible evolution of the terrorist activities, and to suggest strategies for countering terrorism. The ASAM system provides a distributed processing structure for gathering, sharing, understanding, and using information to assess and predict terrorist network states. In combination with counter-terrorist network models, it can also suggest feasible actions to inhibit potential terrorist threats. In this paper, we will introduce the architecture of the ASAM system, and discuss the hybrid modeling approach embedded in it, viz., Hidden Markov Models (HMMs) to detect and provide soft evidence on the states of terrorist network nodes based on partial and imperfect observations, and Bayesian networks (BNs) to integrate soft evidence from multiple HMMs. The functionality of the ASAM system is illustrated by way of application to the Indian Airlines Hijacking, as modeled from open sources.

Distributed fiber optic sensing enhances pipeline safety and security

Energy Technology Data Exchange (ETDEWEB)

Frings, Jochen; Walk, Tobias [ILF Consulting Engineers, Munich (Germany)

2011-09-15

Pipelines are efficient, highly reliable and safe means of transportation. However, despite intensive right of way surveillance by foot, car and out of the air, pipeline leaks and illegal tappings are a reality - sometimes with catastrophic results. These events show a gap in real-time monitoring caused by the highly distributed nature of pipelines. Parts of this gap now can be closed with distributed fiber optic sensing technology. Using various physical effects this technology is apt to detect temperature, strain, vibrations and sound with very good localization over spans up to 50 km with a single sensor cable. Various field tested applications like leakage detection, third party activity monitoring and intrusion detection or ground movement detection as well as integrity monitoring proof that distributed fiber optic sensing can enhance pipeline safety and security. (orig.)

Safety features of subcritical fluid fueled systems

International Nuclear Information System (INIS)

Bell, C.R.

1995-01-01

Accelerator-driven transmutation technology has been under study at Los Alamos for several years for application to nuclear waste treatment, tritium production, energy generation, and recently, to the disposition of excess weapons plutonium. Studies and evaluations performed to date at Los Alamos have led to a current focus on a fluid-fuel, fission system operating in a neutron source-supported subcritical mode, using molten salt reactor technology and accelerator-driven proton-neutron spallation. In this paper, the safety features and characteristics of such systems are explored from the perspective of the fundamental nuclear safety objectives that any reactor-type system should address. This exploration is qualitative in nature and uses current vintage solid-fueled reactors as a baseline for comparison. Based on the safety perspectives presented, such systems should be capable of meeting the fundamental nuclear safety objectives. In addition, they should be able to provide the safety robustness desired for advanced reactors. However, the manner in which safety objectives and robustness are achieved is very different from that associated with conventional reactors. Also, there are a number of safety design and operational challenges that will have to be addressed for the safety potential of such systems to be credible

Safety features of subcritical fluid fueled systems

International Nuclear Information System (INIS)

Bell, C.R.

1994-01-01

Accelerator-driven transmutation technology has been under study at Los Alamos for several years for application to nuclear waste treatment, tritium production, energy generation, and recently, to the disposition of excess weapons plutonium. Studies and evaluations performed to date at Los Alamos have led to a current focus on a fluid-fuel, fission system operating in a neutron source-supported subcritical mode, using molten salt reactor technology and accelerator-driven proton-neutron spallation. In this paper, the safety features and characteristics of such systems are explored from the perspective of the fundamental nuclear safety objectives that any reactor-type system should address. This exploration is qualitative in nature and uses current vintage solid-fueled reactors as a baseline for comparison. Based on the safety perspectives presented, such systems should be capable of meeting the fundamental nuclear safety objectives. In addition, they should be able to provide the safety robustness desired for advanced reactors. However, the manner in which safety objectives and robustness are achieved in very different from that associated with conventional reactors. Also, there are a number of safety design and operational challenges that will have to be addressed for the safety potential of such systems to be credible

Safety features of subcritical fluid fueled systems

Energy Technology Data Exchange (ETDEWEB)

Bell, C.R. [Los Alamos National Laboratory, NM (United States)

1995-10-01

Accelerator-driven transmutation technology has been under study at Los Alamos for several years for application to nuclear waste treatment, tritium production, energy generation, and recently, to the disposition of excess weapons plutonium. Studies and evaluations performed to date at Los Alamos have led to a current focus on a fluid-fuel, fission system operating in a neutron source-supported subcritical mode, using molten salt reactor technology and accelerator-driven proton-neutron spallation. In this paper, the safety features and characteristics of such systems are explored from the perspective of the fundamental nuclear safety objectives that any reactor-type system should address. This exploration is qualitative in nature and uses current vintage solid-fueled reactors as a baseline for comparison. Based on the safety perspectives presented, such systems should be capable of meeting the fundamental nuclear safety objectives. In addition, they should be able to provide the safety robustness desired for advanced reactors. However, the manner in which safety objectives and robustness are achieved is very different from that associated with conventional reactors. Also, there are a number of safety design and operational challenges that will have to be addressed for the safety potential of such systems to be credible.

77 FR 11120 - Patient Safety Organizations: Voluntary Relinquishment From UAB Health System Patient Safety...

Science.gov (United States)

2012-02-24

... Organizations: Voluntary Relinquishment From UAB Health System Patient Safety Organization AGENCY: Agency for... notification of voluntary relinquishment from the UAB Health System Patient Safety Organization of its status as a Patient Safety Organization (PSO). The Patient Safety and Quality Improvement Act of 2005...

Safety Justification and Safety Case for Safety-critical Software in Digital Reactor Protection System

International Nuclear Information System (INIS)

Kwon, Kee-Choon; Lee, Jang-Soo; Jee, Eunkyoung

2016-01-01

Nuclear safety-critical software is under strict regulatory requirements and these regulatory requirements are essential for ensuring the safety of nuclear power plants. The verification & validation (V and V) and hazard analysis of the safety-critical software are required to follow regulatory requirements through the entire software life cycle. In order to obtain a license from the regulatory body through the development and validation of safety-critical software, it is essential to meet the standards which are required by the regulatory body throughout the software development process. Generally, large amounts of documents, which demonstrate safety justification including standard compliance, V and V, hazard analysis, and vulnerability assessment activities, are submitted to the regulatory body during the licensing process. It is not easy to accurately read and evaluate the whole documentation for the development activities, implementation technology, and validation activities. The safety case methodology has been kwon a promising approach to evaluate the level and depth of the development and validation results. A safety case is a structured argument, supported by a body of evidence that provides a compelling, comprehensible, and valid case that a system is safe for a given application in a given operating environment. It is suggested to evaluate the level and depth of the results of development and validation by applying safety case methodology to achieve software safety demonstration. A lot of documents provided as evidence are connected to claim that corresponds to the topic for safety demonstration. We demonstrated a case study in which more systematic safety demonstration for the target system software is performed via safety case construction than simply listing the documents

Safety Justification and Safety Case for Safety-critical Software in Digital Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Kwon, Kee-Choon; Lee, Jang-Soo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Jee, Eunkyoung [KAIST, Daejeon (Korea, Republic of)

2016-10-15

Nuclear safety-critical software is under strict regulatory requirements and these regulatory requirements are essential for ensuring the safety of nuclear power plants. The verification & validation (V and V) and hazard analysis of the safety-critical software are required to follow regulatory requirements through the entire software life cycle. In order to obtain a license from the regulatory body through the development and validation of safety-critical software, it is essential to meet the standards which are required by the regulatory body throughout the software development process. Generally, large amounts of documents, which demonstrate safety justification including standard compliance, V and V, hazard analysis, and vulnerability assessment activities, are submitted to the regulatory body during the licensing process. It is not easy to accurately read and evaluate the whole documentation for the development activities, implementation technology, and validation activities. The safety case methodology has been kwon a promising approach to evaluate the level and depth of the development and validation results. A safety case is a structured argument, supported by a body of evidence that provides a compelling, comprehensible, and valid case that a system is safe for a given application in a given operating environment. It is suggested to evaluate the level and depth of the results of development and validation by applying safety case methodology to achieve software safety demonstration. A lot of documents provided as evidence are connected to claim that corresponds to the topic for safety demonstration. We demonstrated a case study in which more systematic safety demonstration for the target system software is performed via safety case construction than simply listing the documents.

Analysing context-dependent deviations in interacting with safety-critical systems

International Nuclear Information System (INIS)

Paterno, Fabio; Santoro, Carmen

2006-01-01

Mobile technology is penetrating many areas of human life. This implies that the context of use can vary in many respects. We present a method that aims to support designers in managing the complex design space when considering applications with varying contexts and help them to identify solutions that support users in performing their activities while preserving usability and safety. The method is a novel combination of an analysis of both potential deviations in task performance and most suitable information representations based on distributed cognition. The originality of the contribution is in providing a conceptual tool for better understanding the impact of context of use on user interaction in safety-critical domains. In order to present our approach we provide an example in which the implications of introducing new support through mobile devices in a safety-critical system are identified and analysed in terms of potential hazards

INTEGRATED SAFETY MANAGEMENT SYSTEM IN AIR TRAFFIC SERVICES

Directory of Open Access Journals (Sweden)

Volodymyr Kharchenko

2014-06-01

Full Text Available The article deals with the analysis of the researches conducted in the field of safety management systems.Safety management system framework, methods and tools for safety analysis in Air Traffic Control have been reviewed.Principles of development of Integrated safety management system in Air Traffic Services have been proposed.

Analysis and design on airport safety information management system

Directory of Open Access Journals (Sweden)

Yan Lin

2017-01-01

Full Text Available Airport safety information management system is the foundation of implementing safety operation, risk control, safety performance monitor, and safety management decision for the airport. The paper puts forward the architecture of airport safety information management system based on B/S model, focuses on safety information processing flow, designs the functional modules and proposes the supporting conditions for system operation. The system construction is helpful to perfecting the long effect mechanism driven by safety information, continually increasing airport safety management level and control proficiency．

System theory and safety models in Swedish, UK, Dutch and Australian road safety strategies.

Science.gov (United States)

Hughes, B P; Anund, A; Falkmer, T

2015-01-01

Road safety strategies represent interventions on a complex social technical system level. An understanding of a theoretical basis and description is required for strategies to be structured and developed. Road safety strategies are described as systems, but have not been related to the theory, principles and basis by which systems have been developed and analysed. Recently, road safety strategies, which have been employed for many years in different countries, have moved to a 'vision zero', or 'safe system' style. The aim of this study was to analyse the successful Swedish, United Kingdom and Dutch road safety strategies against the older, and newer, Australian road safety strategies, with respect to their foundations in system theory and safety models. Analysis of the strategies against these foundations could indicate potential improvements. The content of four modern cases of road safety strategy was compared against each other, reviewed against scientific systems theory and reviewed against types of safety model. The strategies contained substantial similarities, but were different in terms of fundamental constructs and principles, with limited theoretical basis. The results indicate that the modern strategies do not include essential aspects of systems theory that describe relationships and interdependencies between key components. The description of these strategies as systems is therefore not well founded and deserves further development. Copyright © 2014 Elsevier Ltd. All rights reserved.

Study on 'Safety qualification of process computers used in safety systems of nuclear power plants'

International Nuclear Information System (INIS)

Bertsche, K.; Hoermann, E.

1991-01-01

The study aims at developing safety standards for hardware and software of computer systems which are increasingly used also for important safety systems in nuclear power plants. The survey of the present state-of-the-art of safety requirements and specifications for safety-relevant systems and, additionally, for process computer systems has been compiled from national and foreign rules. In the Federal Republic of Germany the KTA safety guides and the BMI/BMU safety criteria have to be observed. For the design of future computer-aided systems in nuclear power plants it will be necessary to apply the guidelines in [DIN-880] and [DKE-714] together with [DIN-192]. With the aid of a risk graph the various functions of a system, or of a subsystem, can be evaluated with regard to their significance for safety engineering. (orig./HP) [de

Design an optimum safety policy for personnel safety management - A system dynamic approach

International Nuclear Information System (INIS)

Balaji, P.

2014-01-01

Personnel safety management (PSM) ensures that employee's work conditions are healthy and safe by various proactive and reactive approaches. Nowadays it is a complex phenomenon because of increasing dynamic nature of organisations which results in an increase of accidents. An important part of accident prevention is to understand the existing system properly and make safety strategies for that system. System dynamics modelling appears to be an appropriate methodology to explore and make strategy for PSM. Many system dynamics models of industrial systems have been built entirely for specific host firms. This thesis illustrates an alternative approach. The generic system dynamics model of Personnel safety management was developed and tested in a host firm. The model was undergone various structural, behavioural and policy tests. The utility and effectiveness of model was further explored through modelling a safety scenario. In order to create effective safety policy under resource constraint, DOE (Design of experiment) was used. DOE uses classic designs, namely, fractional factorials and central composite designs. It used to make second order regression equation which serve as an objective function. That function was optimized under budget constraint and optimum value used for safety policy which shown greatest improvement in overall PSM. The outcome of this research indicates that personnel safety management model has the capability for acting as instruction tool to improve understanding of safety management and also as an aid to policy making

Design an optimum safety policy for personnel safety management - A system dynamic approach

Energy Technology Data Exchange (ETDEWEB)

Balaji, P. [The Glocal University, Mirzapur Pole, Delhi- Yamuntori Highway, Saharanpur 2470001 (India)

2014-10-06

Personnel safety management (PSM) ensures that employee's work conditions are healthy and safe by various proactive and reactive approaches. Nowadays it is a complex phenomenon because of increasing dynamic nature of organisations which results in an increase of accidents. An important part of accident prevention is to understand the existing system properly and make safety strategies for that system. System dynamics modelling appears to be an appropriate methodology to explore and make strategy for PSM. Many system dynamics models of industrial systems have been built entirely for specific host firms. This thesis illustrates an alternative approach. The generic system dynamics model of Personnel safety management was developed and tested in a host firm. The model was undergone various structural, behavioural and policy tests. The utility and effectiveness of model was further explored through modelling a safety scenario. In order to create effective safety policy under resource constraint, DOE (Design of experiment) was used. DOE uses classic designs, namely, fractional factorials and central composite designs. It used to make second order regression equation which serve as an objective function. That function was optimized under budget constraint and optimum value used for safety policy which shown greatest improvement in overall PSM. The outcome of this research indicates that personnel safety management model has the capability for acting as instruction tool to improve understanding of safety management and also as an aid to policy making.

Design an optimum safety policy for personnel safety management - A system dynamic approach

Science.gov (United States)

Balaji, P.

2014-10-01

Personnel safety management (PSM) ensures that employee's work conditions are healthy and safe by various proactive and reactive approaches. Nowadays it is a complex phenomenon because of increasing dynamic nature of organisations which results in an increase of accidents. An important part of accident prevention is to understand the existing system properly and make safety strategies for that system. System dynamics modelling appears to be an appropriate methodology to explore and make strategy for PSM. Many system dynamics models of industrial systems have been built entirely for specific host firms. This thesis illustrates an alternative approach. The generic system dynamics model of Personnel safety management was developed and tested in a host firm. The model was undergone various structural, behavioural and policy tests. The utility and effectiveness of model was further explored through modelling a safety scenario. In order to create effective safety policy under resource constraint, DOE (Design of experiment) was used. DOE uses classic designs, namely, fractional factorials and central composite designs. It used to make second order regression equation which serve as an objective function. That function was optimized under budget constraint and optimum value used for safety policy which shown greatest improvement in overall PSM. The outcome of this research indicates that personnel safety management model has the capability for acting as instruction tool to improve understanding of safety management and also as an aid to policy making.

Meeting the maglev system's safety requirements

Energy Technology Data Exchange (ETDEWEB)

Pierick, K

1983-12-01

The author shows how the safety requirements of the maglev track system derive from the general legal conditions for the safety of tracked transport. It is described how their compliance beyond the so-called ''development-accompanying'' and ''acceptance-preparatory'' safety work can be assured for the Transrapid test layout (TVE) now building in Emsland and also for later application as public transport system in Germany within the meaning of the General Railway Act.

SCALE system cross-section validation for criticality safety analysis

International Nuclear Information System (INIS)

Hathout, A.M.; Westfall, R.M.; Dodds, H.L. Jr.

1980-01-01

The purpose of this study is to test selected data from three cross-section libraries for use in the criticality safety analysis of UO 2 fuel rod lattices. The libraries, which are distributed with the SCALE system, are used to analyze potential criticality problems which could arise in the industrial fuel cycle for PWR and BWR reactors. Fuel lattice criticality problems could occur in pool storage, dry storage with accidental moderation, shearing and dissolution of irradiated elements, and in fuel transport and storage due to inadequate packing and shipping cask design. The data were tested by using the SCALE system to analyze 25 recently performed critical experiments

Evaluating Models of Human Performance: Safety-Critical Systems Applications

Science.gov (United States)

Feary, Michael S.

2012-01-01

This presentation is part of panel discussion on Evaluating Models of Human Performance. The purpose of this panel is to discuss the increasing use of models in the world today and specifically focus on how to describe and evaluate models of human performance. My presentation will focus on discussions of generating distributions of performance, and the evaluation of different strategies for humans performing tasks with mixed initiative (Human-Automation) systems. I will also discuss issues with how to provide Human Performance modeling data to support decisions on acceptability and tradeoffs in the design of safety critical systems. I will conclude with challenges for the future.

Neighborhood safety and adipose tissue distribution in African Americans: the Jackson Heart Study.

Directory of Open Access Journals (Sweden)

Do Quyen Pham

Full Text Available Patterns of fat distribution are heavily influenced by psychological stress, sex, and among women, by menopause status. Emerging evidence suggests the lack of perceived neighborhood safety due to crime may contribute to psychological stress and obesity among exposed residents. Our objective is to determine if perceived neighborhood safety is associated with abdominal adiposity among African-American men and women, and among pre- and postmenopausal women in the Jackson Heart Study.We examined associations between perceived neighborhood safety, fat distribution, and other individual-level covariates among Jackson Heart Study participants (N = 2,881. Abdominal adiposity was measured via computed tomography scans measuring the volumes of visceral, subcutaneous and total adipose tissue. We also measured body mass index (BMI, and waist circumference. Multivariable regression models estimated associations between perceived neighborhood safety, adiposity, and covariates by sex and menopause status.Adjusting for all covariates, women who strongly disagreed their neighborhood was safe from crime had a higher BMI compared to women who felt safe [Std B 0.083 95% CI (0.010, 0.156]. Premenopausal women who felt most unsafe had higher BMI, waist circumference, and volumes of visceral and total adipose tissue than those who felt safe [Std B 0.160 (0.021, 0.299, Std B 0.142 (0.003, 0.280, Std B 0.150 (0.014, 0.285, Std B 0.154 (0.019, 0.290, respectively]. We did not identify associations between neighborhood safety and adiposity among men and postmenopausal women.Our data suggest that abdominal adipose tissue distribution patterns are associated with perceived neighborhood safety in some groups, and that patterns may differ by sex and menopause status, with most associations observed among pre-menopausal women. Further research is needed to elucidate whether there are causal mechanisms underlying sex and menopause-status differences that may mediate

Electric distribution systems

CERN Document Server

Sallam, A A

2010-01-01

"Electricity distribution is the penultimate stage in the delivery of electricity to end users. The only book that deals with the key topics of interest to distribution system engineers, Electric Distribution Systems presents a comprehensive treatment of the subject with an emphasis on both the practical and academic points of view. Reviewing traditional and cutting-edge topics, the text is useful to practicing engineers working with utility companies and industry, undergraduate graduate and students, and faculty members who wish to increase their skills in distribution system automation and monitoring."--

Strategy to safety grade systems replacements

International Nuclear Information System (INIS)

Stimler, M.; Sullivan, K.E.; Trebincevic, I.

1993-01-01

The introduction of digital instrumentation and control systems in nuclear power plants is characterized by the need to satisfy the requirements of safety, reliability and man-machine ergonomics. Today digital instrumentation and control systems meet these requirements and the trend in Europe is towards full digital based nuclear power plant control systems. This paper describes Siemens (KWU) experience in nuclear power plants and development in trends within Europe. Topics which are the subject of major concern to NPP operators addressed in this paper are: human performance factors - man-machine interface; operating philosophy; safety, availability and reliability. Other aspects addressed are: Siemens open-quotes defense in depthclose quotes concept, description of Siemens digital I ampersand C systems, safety requirements and systems, I ampersand C qualification, control room ergonomics, information systems and retrofitting experience

System safety education focused on system management

Science.gov (United States)

Grose, V. L.

1971-01-01

System safety is defined and characteristics of the system are outlined. Some of the principle characteristics include role of humans in hazard analysis, clear language for input and output, system interdependence, self containment, and parallel analysis of elements.

Design Optimization of Cyber-Physical Distributed Systems using IEEE Time-sensitive Networks (TSN)

DEFF Research Database (Denmark)

Pop, Paul; Lander Raagaard, Michael; Craciunas, Silviu S.

2016-01-01

to the optimization of distributed cyber-physical systems using real-time Ethernet for communication. Then, we formulate two novel optimization problems related to the scheduling and routing of TT and AVB traffic in TSN. Thus, we consider that we know the topology of the network as well as the set of TT and AVB flows......In this paper we are interested in safety-critical real-time applications implemented on distributed architectures supporting the Time-SensitiveNetworking (TSN) standard. The ongoing standardization of TSN is an IEEE effort to bring deterministic real-time capabilities into the IEEE 802.1 Ethernet...... standard supporting safety-critical systems and guaranteed Quality-of-Service. TSN will support Time-Triggered (TT) communication based on schedule tables, Audio-Video-Bridging (AVB) flows with bounded end-to-end latency as well as Best-Effort messages. We first present a survey of research related...

Safety Management System in Croatia Control Ltd.

OpenAIRE

Pavlin, Stanislav; Sorić, Vedran; Bilać, Dragan; Dimnik, Igor; Galić, Daniel

2009-01-01

International Civil Aviation Organization and other international aviation organizations regulate the safety in civil aviation. In the recent years the International Civil Aviation Organization has introduced the concept of the safety management system through several documents among which the most important is the 2006 Safety Management Manual. It treats the safety management system in all the segments of civil aviation, from carriers, aerodromes and air traffic control to design, constructi...

Safety leadership and systems thinking: application and evaluation of a Risk Management Framework in the mining industry.

Science.gov (United States)

Donovan, Sarah-Louise; Salmon, Paul M; Lenné, Michael G; Horberry, Tim

2017-10-01

Safety leadership is an important factor in supporting safety in high-risk industries. This article contends that applying systems-thinking methods to examine safety leadership can support improved learning from incidents. A case study analysis was undertaken of a large-scale mining landslide incident in which no injuries or fatalities were incurred. A multi-method approach was adopted, in which the Critical Decision Method, Rasmussen's Risk Management Framework and Accimap method were applied to examine the safety leadership decisions and actions which enabled the safe outcome. The approach enabled Rasmussen's predictions regarding safety and performance to be examined in the safety leadership context, with findings demonstrating the distribution of safety leadership across leader and system levels, and the presence of vertical integration as key to supporting the successful safety outcome. In doing so, the findings also demonstrate the usefulness of applying systems-thinking methods to examine and learn from incidents in terms of what 'went right'. The implications, including future research directions, are discussed. Practitioner Summary: This paper presents a case study analysis, in which systems-thinking methods are applied to the examination of safety leadership decisions and actions during a large-scale mining landslide incident. The findings establish safety leadership as a systems phenomenon, and furthermore, demonstrate the usefulness of applying systems-thinking methods to learn from incidents in terms of what 'went right'. Implications, including future research directions, are discussed.

Safety Evaluation Approach with Security Controls for Safety I and C Systems on Nuclear Power Plants

International Nuclear Information System (INIS)

Kim, D. H.; Jeong, S. Y.; Kim, Y. M.; Park, H. S.; Lee, M. S.; Kim, T. H.

2016-01-01

This paper addresses concepts of safety and security and relations between them for assessing effects of security features in safety systems. Also, evaluation approach for avoiding confliction with safety requirements and cyber security features which may be adopted in safety-related digital I and C system will be described. In this paper, safety-security life cycle model based confliction avoidance method was proposed to evaluate the effects when the cyber security control features are implemented in the safety I and C system. Also, safety effect evaluation results using the proposed evaluation method were described. In case of technical security controls, many of them are expected to conflict with safety requirements, otherwise operational and managerial controls are not relatively. Safety measures and cyber security measures for nuclear power plants should be implemented not to conflict with one another. Where safety function and security features are both required within the systems, and also where security features are implemented within safety systems, they should be justified

Safety Evaluation Approach with Security Controls for Safety I and C Systems on Nuclear Power Plants

Energy Technology Data Exchange (ETDEWEB)

Kim, D. H.; Jeong, S. Y.; Kim, Y. M.; Park, H. S. [KINS, Daejeon (Korea, Republic of); Lee, M. S.; Kim, T. H. [Formal Works Inc., Seoul (Korea, Republic of)

2016-05-15

This paper addresses concepts of safety and security and relations between them for assessing effects of security features in safety systems. Also, evaluation approach for avoiding confliction with safety requirements and cyber security features which may be adopted in safety-related digital I and C system will be described. In this paper, safety-security life cycle model based confliction avoidance method was proposed to evaluate the effects when the cyber security control features are implemented in the safety I and C system. Also, safety effect evaluation results using the proposed evaluation method were described. In case of technical security controls, many of them are expected to conflict with safety requirements, otherwise operational and managerial controls are not relatively. Safety measures and cyber security measures for nuclear power plants should be implemented not to conflict with one another. Where safety function and security features are both required within the systems, and also where security features are implemented within safety systems, they should be justified.

Safety-related control air systems - approved 1977

International Nuclear Information System (INIS)

Anon.

1978-01-01

This standard applies to those portions of the control air system that furnish air required to support, control, or operate systems or portions of systems that are safety related in nuclear power plants. This standard relates only to the air supply system(s) for safety-related air operated devices and does not apply to the safety-related air operated device or to air operated actuators for such devices. The objectives of this standard are to provide (1) minimum system design requirements for equipment, piping, instruments, controls, and wiring that constitute the air supply system; and (2) the system and component testing and maintenance requirements

Design of Mixed-Criticality Applications on Distributed Real-Time Systems

DEFF Research Database (Denmark)

Tamas-Selicean, Domitian

the concept of virtual links, and temporal separation, enforced through schedule tables for TT messages and bandwidth allocation for RC messages. The objective of this thesis is to develop methods and tools for distributed mixed-criticality real-time systems. At the processor level, we are interested......A mixed-criticality system implements applications of different safety-criticality levels onto the same platform. In such cases, the certification standards require that applications of different criticality levels are protected so they cannot influence each other. Otherwise, all tasks have...

Qualification of FPGA-Based Safety-Related PRM System

International Nuclear Information System (INIS)

Miyazaki, Tadashi; Oda, Naotaka; Goto, Yasushi; Hayashi, Toshifumi

2011-01-01

Toshiba has developed Non-rewritable (NRW) Field Programmable Gate Array (FPGA)-based safety-related Instrumentation and Control (I and C) system. Considering application to safety-related systems, nonvolatile and non-rewritable FPGA which is impossible to be changed after once manufactured has been adopted in Toshiba FPGA-based system. FPGA is a device which consists only of basic logic circuits, and FPGA performs defined processing which is configured by connecting the basic logic circuit inside the FPGA. FPGA-based system solves issues existing both in the conventional systems operated by analog circuits (analog-based system) and the systems operated by central processing unit (CPU-based system). The advantages of applying FPGA are to keep the long-life supply of products, improving testability (verification), and to reduce the drift which may occur in analog-based system. The system which Toshiba developed this time is Power Range Neutron Monitor (PRM). Toshiba is planning to expand application of FPGA-based technology by adopting this development process to the other safety-related systems such as RPS from now on. Toshiba developed a special design process for NRW-FPGA-based safety-related I and C systems. The design process resolves issues for many years regarding testability of the digital system for nuclear safety application. Thus, Toshiba NRW-FPGA-based safety-related I and C systems has much advantage to be a would standard of the digital systems for nuclear safety application. (author)

Safety climate and culture: Integrating psychological and systems perspectives.

Science.gov (United States)

Casey, Tristan; Griffin, Mark A; Flatau Harrison, Huw; Neal, Andrew

2017-07-01

Safety climate research has reached a mature stage of development, with a number of meta-analyses demonstrating the link between safety climate and safety outcomes. More recently, there has been interest from systems theorists in integrating the concept of safety culture and to a lesser extent, safety climate into systems-based models of organizational safety. Such models represent a theoretical and practical development of the safety climate concept by positioning climate as part of a dynamic work system in which perceptions of safety act to constrain and shape employee behavior. We propose safety climate and safety culture constitute part of the enabling capitals through which organizations build safety capability. We discuss how organizations can deploy different configurations of enabling capital to exert control over work systems and maintain safe and productive performance. We outline 4 key strategies through which organizations to reconcile the system control problems of promotion versus prevention, and stability versus flexibility. (PsycINFO Database Record (c) 2017 APA, all rights reserved).

Distributed Data Management and Distributed File Systems

CERN Document Server

Girone, Maria

2015-01-01

The LHC program has been successful in part due to the globally distributed computing resources used for collecting, serving, processing, and analyzing the large LHC datasets. The introduction of distributed computing early in the LHC program spawned the development of new technologies and techniques to synchronize information and data between physically separated computing centers. Two of the most challenges services are the distributed file systems and the distributed data management systems. In this paper I will discuss how we have evolved from local site services to more globally independent services in the areas of distributed file systems and data management and how these capabilities may continue to evolve into the future. I will address the design choices, the motivations, and the future evolution of the computing systems used for High Energy Physics.

Safety assessment of high consequence robotics system

International Nuclear Information System (INIS)

Robinson, D.G.; Atcitty, C.B.

1996-01-01

This paper outlines the use of a failure modes and effects analysis for the safety assessment of a robotic system being developed at Sandia National Laboratories. The robotic system, the weigh and leak check system, is to replace a manual process for weight and leakage of nuclear materials at the DOE Pantex facility. Failure modes and effects analyses were completed for the robotics process to ensure that safety goals for the systems have been met. Due to the flexible nature of the robot configuration, traditional failure modes and effects analysis (FMEA) were not applicable. In addition, the primary focus of safety assessments of robotics systems has been the protection of personnel in the immediate area. In this application, the safety analysis must account for the sensitivities of the payload as well as traditional issues. A unique variation on the classical FMEA was developed that permits an organized and quite effective tool to be used to assure that safety was adequately considered during the development of the robotic system. The fundamental aspects of the approach are outlined in the paper

A formal safety analysis for PLC software-based safety critical system using Z

International Nuclear Information System (INIS)

Koh, Jung Soo

1997-02-01

This paper describes a formal safety analysis technique which is demonstrated by performing empirical formal safety analysis with the case study of beamline hutch door Interlock system that is developed by using PLC (Programmable Logic Controller) systems at the Pohang Accelerator Laboratory. In order to perform formal safety analysis, we have built the Z formal specifications representation from user requirement written in ambiguous natural language and target PLC ladder logic, respectively. We have also studied the effective method to express typical PLC timer component by using specific Z formal notation which is supported by temporal history. We present a formal proof technique specifying and verifying that the hazardous states are not introduced into ladder logic in the PLC-based safety critical system. And also, we have found that some errors or mismatches in user requirement and final implemented PLC ladder logic while analyzing the process of the consistency and completeness of Z translated formal specifications. In the case of relatively small systems like Beamline hutch door interlock system, a formal safety analysis including explicit proof is highly recommended so that the safety of PLC-based critical system may be enhanced and guaranteed. It also provides a helpful benefits enough to comprehend user requirement expressed by ambiguous natural language

Quantitative safety assessment of air traffic control systems through system control capacity

Science.gov (United States)

Guo, Jingjing

Quantitative Safety Assessments (QSA) are essential to safety benefit verification and regulations of developmental changes in safety critical systems like the Air Traffic Control (ATC) systems. Effectiveness of the assessments is particularly desirable today in the safe implementations of revolutionary ATC overhauls like NextGen and SESAR. QSA of ATC systems are however challenged by system complexity and lack of accident data. Extending from the idea "safety is a control problem" in the literature, this research proposes to assess system safety from the control perspective, through quantifying a system's "control capacity". A system's safety performance correlates to this "control capacity" in the control of "safety critical processes". To examine this idea in QSA of the ATC systems, a Control-capacity Based Safety Assessment Framework (CBSAF) is developed which includes two control capacity metrics and a procedural method. The two metrics are Probabilistic System Control-capacity (PSC) and Temporal System Control-capacity (TSC); each addresses an aspect of a system's control capacity. And the procedural method consists three general stages: I) identification of safety critical processes, II) development of system control models and III) evaluation of system control capacity. The CBSAF was tested in two case studies. The first one assesses an en-route collision avoidance scenario and compares three hypothetical configurations. The CBSAF was able to capture the uncoordinated behavior between two means of control, as was observed in a historic midair collision accident. The second case study compares CBSAF with an existing risk based QSA method in assessing the safety benefits of introducing a runway incursion alert system. Similar conclusions are reached between the two methods, while the CBSAF has the advantage of simplicity and provides a new control-based perspective and interpretation to the assessments. The case studies are intended to investigate the

NRC Information Notice No. 91-29, Supplement 1: Deficiencies identified during electrical distribution system functional inspections

International Nuclear Information System (INIS)

Rossi, C.E.

1993-01-01

During multidiscipline inspections such as safety system functional inspections (SSFIs) or safety system outage modification inspections (SSOMIs), the NRC identified a number of deficiencies related to the electrical distribution system (EDS). As a result of these deficiencies, the NRC developed the EDSFI to specifically evaluate the EDS. Since 1989, the NRC has performed over 50 EDSFIs, and found design weaknesses in the following generic areas: (1) undervoltage relay setpoints for degraded grid conditions; (2) interrupting capacity of fault protection devices; (3) improper coordination of fault protection devices; (4) analysis of emergency diesel generator (EDG) capacity to power safety-related loads during postulated accidents; and (5) EDG mechanical interfaces. Each of these issues are discussed

Upgrading safety systems of industrial irradiation facilities

International Nuclear Information System (INIS)

Gomes, R.S.; Gomes, J.D.R.L.; Costa, E.L.C.; Costa, M.L.L.; Thomé, Z.D.

2017-01-01

The first industrial irradiation facility in operation in Brazil was designed in the 70s. Nowadays, twelve commercial and research facilities are in operation and two already decommissioned. Minor modifications and upgrades, as sensors replacement, have been introduced in these facilities, in order to reduce the technological gap in the control and safety systems. The safety systems are designed in agreement with the codes and standards at the time. Since then, new standards, codes and recommendations, as well as lessons learned from accidents, have been issued by various international committees or regulatory bodies. The rapid advance of the industry makes the safety equipment used in the original construction become obsolete. The decreasing demand for these older products means that they are no longer produced, which can make it impossible or costly to obtain spare parts and the expansion of legacy systems to include new features. This work aims to evaluate existing safety systems at Brazilian irradiation facilities, mainly the oldest facilities, taking into account the recommended IAEA's design requirements. Irrespective of the fact that during its operational period no event with victims have been recorded in Brazilian facilities, and that the regulatory inspections do not present any serious deviations regarding the safety procedures, it is necessary an assessment of safety system with the purpose of bringing their systems to 'the state of the art', avoiding their rapid obsolescence. This study has also taken into account the knowledge, concepts and solutions developed to upgrading safety system in irradiation facilities throughout the world. (author)

Upgrading safety systems of industrial irradiation facilities

Energy Technology Data Exchange (ETDEWEB)

Gomes, R.S.; Gomes, J.D.R.L.; Costa, E.L.C.; Costa, M.L.L., E-mail: rogeriog@cnen.gov.br, E-mail: jlopes@cnen.gov.br, E-mail: evaldo@cnen.gov.br, E-mail: mara@cnen.gov.br [Comissão Nacional de Energia Nuclear (CNEN), Rio de Janeiro, RJ (Brazil). Diretoria de Radioproteção e Segurança Nuclear; Thomé, Z.D., E-mail: zielithome@gmail.com [Instituto Militar de Engenharia (IME), Rio de Janeiro, RJ (Brazil). Seção de Engenharia Nuclear

2017-07-01

The first industrial irradiation facility in operation in Brazil was designed in the 70s. Nowadays, twelve commercial and research facilities are in operation and two already decommissioned. Minor modifications and upgrades, as sensors replacement, have been introduced in these facilities, in order to reduce the technological gap in the control and safety systems. The safety systems are designed in agreement with the codes and standards at the time. Since then, new standards, codes and recommendations, as well as lessons learned from accidents, have been issued by various international committees or regulatory bodies. The rapid advance of the industry makes the safety equipment used in the original construction become obsolete. The decreasing demand for these older products means that they are no longer produced, which can make it impossible or costly to obtain spare parts and the expansion of legacy systems to include new features. This work aims to evaluate existing safety systems at Brazilian irradiation facilities, mainly the oldest facilities, taking into account the recommended IAEA's design requirements. Irrespective of the fact that during its operational period no event with victims have been recorded in Brazilian facilities, and that the regulatory inspections do not present any serious deviations regarding the safety procedures, it is necessary an assessment of safety system with the purpose of bringing their systems to 'the state of the art', avoiding their rapid obsolescence. This study has also taken into account the knowledge, concepts and solutions developed to upgrading safety system in irradiation facilities throughout the world. (author)

Condensate induced water hammer in a steam distribution system results in fatality

International Nuclear Information System (INIS)

Debban, H.L.; Eyre, L.E.

1996-02-01

Water hammer event s in steam distribution piping interrupt service and have the potential to cause serious injury and property damage. Conditions of condensation induced water hammer are discussed and recommendations aimed to improve safety of steam systems are presented. Condensate induced water hammer events at Hanford, a DOE facility, are examined

Safety status system for operating room devices.

Science.gov (United States)

Guédon, Annetje C P; Wauben, Linda S G L; Overvelde, Marlies; Blok, Joleen H; van der Elst, Maarten; Dankelman, Jenny; van den Dobbelsteen, John J

2014-01-01

Since the increase of the number of technological aids in the operating room (OR), equipment-related incidents have come to be a common kind of adverse events. This underlines the importance of adequate equipment management to improve the safety in the OR. A system was developed to monitor the safety status (periodic maintenance and registered malfunctions) of OR devices and to facilitate the notification of malfunctions. The objective was to assess whether the system is suitable for use in an busy OR setting and to analyse its effect on the notification of malfunctions. The system checks automatically the safety status of OR devices through constant communication with the technical facility management system, informs the OR staff real-time and facilitates notification of malfunctions. The system was tested for a pilot period of six months in four ORs of a Dutch teaching hospital and 17 users were interviewed on the usability of the system. The users provided positive feedback on the usability. For 86.6% of total time, the localisation of OR devices was accurate. 62 malfunctions of OR devices were reported, an increase of 12 notifications compared to the previous year. The safety status system was suitable for an OR complex, both from a usability and technical point of view, and an increase of reported malfunctions was observed. The system eases monitoring the safety status of equipment and is a promising tool to improve the safety related to OR devices.

A philosophy for space nuclear systems safety

International Nuclear Information System (INIS)

Marshall, A.C.

1992-01-01

The unique requirements and contraints of space nuclear systems require careful consideration in the development of a safety policy. The Nuclear Safety Policy Working Group (NSPWG) for the Space Exploration Initiative has proposed a hierarchical approach with safety policy at the top of the hierarchy. This policy allows safety requirements to be tailored to specific applications while still providing reassurance to regulators and the general public that the necessary measures have been taken to assure safe application of space nuclear systems. The safety policy used by the NSPWG is recommended for all space nuclear programs and missions

A Weibull Approach for Enabling Safety-Oriented Decision-Making for Electronic Railway Signaling Systems

Directory of Open Access Journals (Sweden)

Emanuele Pascale

2018-04-01

Full Text Available This paper presents the advantages of using Weibull distributions, within the context of railway signaling systems, for enabling safety-oriented decision-making. Failure rates are used to statistically model the basic event of fault-tree analysis, and their value sizes the maximum allowable latency of failures to fulfill the safety target for which the system has been designed. Relying on field-return failure data, Weibull parameters have been calculated for an existing electronic signaling system and a comparison with existing predictive reliability data, based on exponential distribution, is provided. Results are discussed in order to drive considerations on the respect of quantitative targets and on the impact that a wrong hypothesis might have on the choice of a given architecture. Despite the huge amount of information gathered through the after-sales logbook used to build reliability distribution, several key elements for reliable estimation of failure rate values are still missing. This might affect the uncertainty of reliability parameters and the effort required to collect all the information. We then present how to intervene when operational failure rates present higher values compared to the theoretical approach: increasing the redundancies of the system or performing preventive maintenance tasks. Possible consequences of unjustified adoption of constant failure rate are presented. Some recommendations are also shared in order to build reliability-oriented logbooks and avoid data censoring phenomena by enhancing the functions of the electronic boards composing the system.

The safety interlocking system at the NAC

International Nuclear Information System (INIS)

Visser, K.; Mostert, H.

1984-01-01

The central safety interlocking system (CSIS) controls the higher level of interlocking between the various cyclotron subsystems. It ensures the safe operation of the entire cyclotron facility as regards personnel safety and proper instrument operation. The system consists of a micro-processor with a ROM-based safety interlocking program, relay output modules providing ''safety OK'' instructions to all interlocked apparatus, alarm input modules connected to transducers providing binary alarm status signals and an interface to the central control computer. All solid state electronic components of the system are situated in a low level radiation area and are interfaced to cyclotron equipment by means of 24 V relays

Safety Verification for Probabilistic Hybrid Systems

DEFF Research Database (Denmark)

Zhang, Lijun; She, Zhikun; Ratschan, Stefan

2010-01-01

The interplay of random phenomena and continuous real-time control deserves increased attention for instance in wireless sensing and control applications. Safety verification for such systems thus needs to consider probabilistic variations of systems with hybrid dynamics. In safety verification o...... on a number of case studies, tackled using a prototypical implementation....

Condensate clean up control system with distributed DDC

International Nuclear Information System (INIS)

Yoshioka, K.; Tazima, T.; Nakamura, O.; Kobayashi, S.

1980-01-01

In the operation of the Condensate Clean Up System in BWR plants, regeneration intervals of the demineralizer are not equal and there is no base to determine the interval, which is usually decided by operator's experience. Regeneration of resin is, therefore, sometimes performed too early, leaving much of the capacity of the resin unused. In order to improve such operations efforts were made to equalize the operating time difference of two sequential demineralizers, to control the initial flow into newly-connected demineralizers. The economic and efficient operation of this system, along with the reduction of radioactive resins and the safety supervisory function can be achieved by the distributed DDC with a microprocessor. (LL)

A management system integrating radiation protection and safety supporting safety culture in the hospital

International Nuclear Information System (INIS)

Almen, A.; Lundh, C.

2015-01-01

Quality assurance has been identified as an important part of radiation protection and safety for a considerable time period. A rational expansion and improvement of quality assurance is to integrate radiation protection and safety in a management system. The aim of this study was to explore factors influencing the implementing strategy when introducing a management system including radiation protection and safety in hospitals and to outline benefits of such a system. The main experience from developing a management system is that it is possible to create a vast number of common policies and routines for the whole hospital, resulting in a cost-efficient system. One of the key benefits is the involvement of management at all levels, including the hospital director. Furthermore, a transparent system will involve staff throughout the organisation as well. A management system supports a common view on what should be done, who should do it and how the activities are reviewed. An integrated management system for radiation protection and safety includes key elements supporting a safety culture. (authors)

Regulatory Oversight of Safety Culture in Finland: A Systemic Approach to Safety

International Nuclear Information System (INIS)

Oedewald, P.; Väisäsvaara, J.

2016-01-01

In Finland the Radiation and Nuclear Safety Authority STUK specifies detailed regulatory requirements for good safety culture. Both the requirements and the practical safety culture oversight activities reflect a systemic approach to safety: the interconnections between the technical, human and organizational factors receive special attention. The conference paper aims to show how the oversight of safety culture can be integrated into everyday oversight activities. The paper also emphasises that the scope of the safety culture oversight is not specific safety culture activities of the licencees, but rather the overall functioning of the licence holder or the new build project organization from safety point of view. The regulatory approach towards human and organizational factors and safety culture has evolved throughout the years of nuclear energy production in Finland. Especially the recent new build projects have highlighted the need to systematically pay attention to the non-technical aspects of safety as it has become obvious how the HOF issues can affect the design processes and quality of construction work. Current regulatory guides include a set of safety culture related requirements. The requirements are binding to the licence holders and they set both generic and specific demands on the licencee to understand, monitor and to develop safety culture of their own organization but also that of their supplier network. The requirements set for the licence holders has facilitated the need to develop the regulator’s safety culture oversight practices towards a proactive and systemic approach.

CERN safety system monitoring - SSM

International Nuclear Information System (INIS)

Hakulinen, T.; Ninin, P.; Valentini, F.; Gonzalez, J.; Salatko-Petryszcze, C.

2012-01-01

CERN SSM (Safety System Monitoring) is a system for monitoring state-of-health of the various access and safety systems of the CERN site and accelerator infrastructure. The emphasis of SSM is on the needs of maintenance and system operation with the aim of providing an independent and reliable verification path of the basic operational parameters of each system. Included are all network-connected devices, such as PLCs (local purpose control unit), servers, panel displays, operator posts, etc. The basic monitoring engine of SSM is a freely available system-monitoring framework Zabbix, on top of which a simplified traffic-light-type web-interface has been built. The web-interface of SSM is designed to be ultra-light to facilitate access from hand-held devices over slow connections. The underlying Zabbix system offers history and notification mechanisms typical of advanced monitoring systems. (authors)

Optimal Design of Integrated Systems Health Management (ISHM) Systems for improving safety in NASA's Exploration Vehicles: A Two-Level Multidisciplinary Design Approach

Science.gov (United States)

Mehr, Ali Farhang; Tumer, Irem; Barszcz, Eric

2005-01-01

Integrated Vehicle Health Management (ISHM) systems are used to detect, assess, and isolate functional failures in order to improve safety of space systems such as Orbital Space Planes (OSPs). An ISHM system, as a whole, consists of several subsystems that monitor different components of an OSP including: Spacecraft, Launch Vehicle, Ground Control, and the International Space Station. In this research, therefore, we propose a new methodology to design and optimize ISHM as a distributed system with multiple disciplines (that correspond to different subsystems of OSP safety). A paramount amount of interest has been given in the literature to the multidisciplinary design optimization of problems with such architecture (as will be reviewed in the full paper).

The ATLAS Detector Safety System

CERN Multimedia

Helfried Burckhart; Kathy Pommes; Heidi Sandaker

The ATLAS Detector Safety System (DSS) has the mandate to put the detector in a safe state in case an abnormal situation arises which could be potentially dangerous for the detector. It covers the CERN alarm severity levels 1 and 2, which address serious risks for the equipment. The highest level 3, which also includes danger for persons, is the responsibility of the CERN-wide system CSAM, which always triggers an intervention by the CERN fire brigade. DSS works independently from and hence complements the Detector Control System, which is the tool to operate the experiment. The DSS is organized in a Front- End (FE), which fulfills autonomously the safety functions and a Back-End (BE) for interaction and configuration. The overall layout is shown in the picture below. ATLAS DSS configuration The FE implementation is based on a redundant Programmable Logical Crate (PLC) system which is used also in industry for such safety applications. Each of the two PLCs alone, one located underground and one at the s...

Energy management techniques: SRP cooling water distribution system

International Nuclear Information System (INIS)

Edenfield, A.B.

1979-10-01

Cooling water for the nuclear reactors at the Savannah River Plant is supplied by a pumping and distribution system that includes about 50 miles of underground pipeline. The energy management program at SRP has thus far achieved a savings of about 5% (186 x 10 9 Btu) of the energy consumed by the electrically powered cooling water pumps; additional savings of about 14% (535 x 10 9 Btu) can be achieved by capital expenditures totaling about $3.7 million. The present cost of electricity for operation of this system is about $25 million per year. A computer model of the system was adapted and field test data were used to normalize the program to accurately represent pipeline physical characteristics. Alternate pumping schemes are analyzed to determine projected energy costs and impact on system safety and reliability

Systems engineered health and safety criteria for safety analysis reports

International Nuclear Information System (INIS)

Beitel, G.A.; Morcos, N.

1993-01-01

The world of safety analysis is filled with ambiguous words: codes and standards, consequences and risks, hazard and accident, and health and safety. These words have been subject to disparate interpretations by safety analysis report (SAR) writers, readers, and users. open-quotes Principal health and safety criteriaclose quotes has been one of the most frequently misused phrases; rarely is it used consistently or effectively. This paper offers an easily understood definition for open-quotes principal health and safety criteriaclose quotes and uses systems engineering to convert an otherwise mysterious topic into the primary means of producing an integrated SAR. This paper is based on SARs being written for environmental restoration and waste management activities for the U.S. Department of Energy (DOE). Requirements for these SARs are prescribed in DOE Order 5480-23, open-quotes Nuclear Safety Analysis Reports.close quotes

[Analysis of foreign experience of usage of automation systems of medication distribution in prevention and treatment facilities].

Science.gov (United States)

Miroshnichenko, Iu V; Umarov, S Z

2012-12-01

One of the ways of increase of effectiveness and safety of patients medication supplement is the use of automated systems of distribution, through which substantially increases the efficiency and safety of patients' medication supplement, achieves significant economy of material and financial resources for medication assistance and possibility of systematical improvement of its accessibility and quality.

LOFT integral test system final safety analysis report

International Nuclear Information System (INIS)

1974-03-01

Safety analyses are presented for the following LOFT Reactor systems: engineering safety features; support buildings and facilities; instrumentation and controls; electrical systems; and auxiliary systems. (JWR)

The application of redundancy-related basic safety principles to the 1400 MWE reactor core standby cooling system

International Nuclear Information System (INIS)

Bertrand, R.

1990-01-01

This memorandum shall provide the background for the work of the European Community Commission which is to analyze safety principles relating to redundancy. The redundancy-related basic safety principles applied in French nuclear power plants are the following: . the single-failure criterion, . provisions additional to application of the single-failure criterion. These are mainly provisions made at the design stage to minimize risks associated with common cause failures or the risks of human error which can lead to such failures: - protection against hazards of internal and external origin, - the geographical or physical separation of equipment, - the independence of electrical power supplies and distribution systems, - the additional resources and associated operating procedures making it possible to accommodate total loss of the safety systems. The scope also includes the operating rules which ensure availability of redundant safety-related equipment. The provisions relating to the single-failure criterion are detailed in Basic Safety Rule 1.3.A appended. The application of these principles proposed by the operating organization and accepted by the safety authorities for the design and operation of the standby core cooling system (System RIS) is explained

Distributed radiation data acquisition system for KAPP

International Nuclear Information System (INIS)

Narsaiah, A.; Anantakrishnan, T.S.; Bairi, B.R.

1992-01-01

Increased concern for the safety of personnel working in Nuclear Power Stations demands an efficient centralized Radiation Data Acquisition System (RADAS) to monitor different types of radiation at distributed locations of the plant. The system provides a comprehensive picture of radio-activity level distribution in the reactor building to facilitate prompt and correct decision making to take care of any emergency situation. The system is build around an industrial IBM-PC connected to remote intelligent data acquisition units using serial data communication links. To ensure high system availability and ease of maintenance the mechanical moving disk storage has been replaced by solid state memory storage (RAM Disk). Functional CRT displays have been substituted by the assembly of IBM-PC Mother Board with built-in firmware and standard TV Monitor. The computer handles a variety of processing functions which include the conversion to engineering units, checking of alarms, display/printing of plant radiation level status and system diagnostics. Intelligent terminals have been provided with graphic and text formatting capabilities. A hot standby computer connected to analog and digital inputs takes over the system functions on the failure of the host system. Modular software written in the higher level C-language runs under a standard real-time operating system Kernel. This provides for easy modification and expandability at site. Based on the experience of its commissioning at Kakrapar Power Station a new compact version is being designed for a specific application in another class of reactor. (author). 3 refs., 1 fig

Analyzing Software Requirements Errors in Safety-Critical, Embedded Systems

Science.gov (United States)

Lutz, Robyn R.

1993-01-01

This paper analyzes the root causes of safety-related software errors in safety-critical, embedded systems. The results show that software errors identified as potentially hazardous to the system tend to be produced by different error mechanisms than non- safety-related software errors. Safety-related software errors are shown to arise most commonly from (1) discrepancies between the documented requirements specifications and the requirements needed for correct functioning of the system and (2) misunderstandings of the software's interface with the rest of the system. The paper uses these results to identify methods by which requirements errors can be prevented. The goal is to reduce safety-related software errors and to enhance the safety of complex, embedded systems.

Task 5. Grid interconnection of building integrated and other dispersed photovoltaic power systems. Risk analysis of islanding of photovoltaic power systems within low voltage distribution networks

Energy Technology Data Exchange (ETDEWEB)

Cullen, N. [Freelance Consultant, Hillside House, Swindon SN1 3QA (United Kingdom); Thornycroft, J. [Halcrow Group Ltd, Burderop Park, Swindon SN4 0QD (United Kingdom); Collinson, A. [EA Technology, Capenhurst Technology Park, Chester CH1 6ES (United Kingdom)

2002-03-15

This report for the International Energy Agency (IEA) made by Task 5 of the Photovoltaic Power Systems (PVPS) programme presents the results of a risk analysis concerning photovoltaic power systems islanding in low-voltage distribution networks. The mission of the Photovoltaic Power Systems Programme is to enhance the international collaboration efforts which accelerate the development and deployment of photovoltaic solar energy. Task 5 deals with issues concerning grid-interconnection and distributed PV power systems. The purpose of this study was to apply formal risk analysis techniques to the issue of islanding of photovoltaic power systems within low voltage distribution networks. The aim was to determine the additional level of risk that islanding could present to the safety of customers and network maintenance staff. The study identified the reliability required for islanding detection and control systems based on standard procedures for developing a safety assurance strategy. The main conclusions are presented and discussed and recommendations are made. The report is concluded with an appendix that lists the relative risks involved.

Model Checking Geographically Distributed Interlocking Systems Using UMC

DEFF Research Database (Denmark)

Fantechi, Alessandro; Haxthausen, Anne Elisabeth; Nielsen, Michel Bøje Randahl

2017-01-01

the relevant distributed protocols. By doing that we obey the safety guidelines of the railway signalling domain, that require formal methods to support the certification of such products. We also show how formal modelling can help designing alternative distributed solutions, while maintaining adherence...

Using system dynamics simulation for assessment of hydropower system safety

Science.gov (United States)

King, L. M.; Simonovic, S. P.; Hartford, D. N. D.

2017-08-01

Hydropower infrastructure systems are complex, high consequence structures which must be operated safely to avoid catastrophic impacts to human life, the environment, and the economy. Dam safety practitioners must have an in-depth understanding of how these systems function under various operating conditions in order to ensure the appropriate measures are taken to reduce system vulnerability. Simulation of system operating conditions allows modelers to investigate system performance from the beginning of an undesirable event to full system recovery. System dynamics simulation facilitates the modeling of dynamic interactions among complex arrangements of system components, providing outputs of system performance that can be used to quantify safety. This paper presents the framework for a modeling approach that can be used to simulate a range of potential operating conditions for a hydropower infrastructure system. Details of the generic hydropower infrastructure system simulation model are provided. A case study is used to evaluate system outcomes in response to a particular earthquake scenario, with two system safety performance measures shown. Results indicate that the simulation model is able to estimate potential measures of system safety which relate to flow conveyance and flow retention. A comparison of operational and upgrade strategies is shown to demonstrate the utility of the model for comparing various operational response strategies, capital upgrade alternatives, and maintenance regimes. Results show that seismic upgrades to the spillway gates provide the largest improvement in system performance for the system and scenario of interest.

Analysis of Aviation Safety Reporting System Incident Data Associated with the Technical Challenges of the System-Wide Safety and Assurance Technologies Project

Science.gov (United States)

Withrow, Colleen A.; Reveley, Mary S.

2015-01-01

The Aviation Safety Program (AvSP) System-Wide Safety and Assurance Technologies (SSAT) Project asked the AvSP Systems and Portfolio Analysis Team to identify SSAT-related trends. SSAT had four technical challenges: advance safety assurance to enable deployment of NextGen systems; automated discovery of precursors to aviation safety incidents; increasing safety of human-automation interaction by incorporating human performance, and prognostic algorithm design for safety assurance. This report reviews incident data from the NASA Aviation Safety Reporting System (ASRS) for system-component-failure- or-malfunction- (SCFM-) related and human-factor-related incidents for commercial or cargo air carriers (Part 121), commuter airlines (Part 135), and general aviation (Part 91). The data was analyzed by Federal Aviation Regulations (FAR) part, phase of flight, SCFM category, human factor category, and a variety of anomalies and results. There were 38 894 SCFM-related incidents and 83 478 human-factorrelated incidents analyzed between January 1993 and April 2011.

Soft systems methodology as a systemic approach to nuclear safety management

International Nuclear Information System (INIS)

Vieira Neto, Antonio S.; Guilhen, Sabine N.; Rubin, Gerson A.; Caldeira Filho, Jose S.; Camargo, Iara M.C.

2017-01-01

Safety approach currently adopted by nuclear installations is built almost exclusively upon analytical methodologies based, mainly, on the belief that the properties of a system, such as its safety, are given by its constituent parts. This approach, however, does not properly address the complex dynamic interactions between technical, human and organizational factors occurring within and outside the organization. After the accident at Fukushima Daiichi nuclear power plant in March 2011, experts of the International Atomic Energy Agency (IAEA) recommended a systemic approach as a complementary perspective to nuclear safety. The aim of this paper is to present an overview of the systems thinking approach and its potential use for structuring socio technical problems involved in the safety of nuclear installations, highlighting the methodologies related to the soft systems thinking, in particular the Soft Systems Methodology (SSM). The implementation of a systemic approach may thus result in a more holistic picture of the system by the complex dynamic interactions between technical, human and organizational factors. (author)

Soft systems methodology as a systemic approach to nuclear safety management

Energy Technology Data Exchange (ETDEWEB)

Vieira Neto, Antonio S.; Guilhen, Sabine N.; Rubin, Gerson A.; Caldeira Filho, Jose S.; Camargo, Iara M.C., E-mail: asvneto@ipen.br, E-mail: snguilhen@ipen.br, E-mail: garubin@ipen.br, E-mail: jscaldeira@ipen.br, E-mail: icamargo@ipen.br [Instituto de Pesquisas Energeticas e Nucleares (IPEN/CNE-SP), Sao Paulo, SP (Brazil)

2017-07-01

Safety approach currently adopted by nuclear installations is built almost exclusively upon analytical methodologies based, mainly, on the belief that the properties of a system, such as its safety, are given by its constituent parts. This approach, however, does not properly address the complex dynamic interactions between technical, human and organizational factors occurring within and outside the organization. After the accident at Fukushima Daiichi nuclear power plant in March 2011, experts of the International Atomic Energy Agency (IAEA) recommended a systemic approach as a complementary perspective to nuclear safety. The aim of this paper is to present an overview of the systems thinking approach and its potential use for structuring socio technical problems involved in the safety of nuclear installations, highlighting the methodologies related to the soft systems thinking, in particular the Soft Systems Methodology (SSM). The implementation of a systemic approach may thus result in a more holistic picture of the system by the complex dynamic interactions between technical, human and organizational factors. (author)

Spallation Neutron Source Accelerator Facility Target Safety and Non-safety Control Systems

International Nuclear Information System (INIS)

Battle, Ronald E.; DeVan, B.; Munro, John K. Jr.

2006-01-01

The Spallation Neutron Source (SNS) is a proton accelerator facility that generates neutrons for scientific researchers by spallation of neutrons from a mercury target. The SNS became operational on April 28, 2006, with first beam on target at approximately 200 W. The SNS accelerator, target, and conventional facilities controls are integrated by standardized hardware and software throughout the facility and were designed and fabricated to SNS conventions to ensure compatibility of systems with Experimental Physics Integrated Control System (EPICS). ControlLogix Programmable Logic Controllers (PLCs) interface to instruments and actuators, and EPICS performs the high-level integration of the PLCs such that all operator control can be accomplished from the Central Control room using EPICS graphical screens that pass process variables to and from the PLCs. Three active safety systems were designed to industry standards ISA S84.01 and IEEE 603 to meet the desired reliability for these safety systems. The safety systems protect facility workers and the environment from mercury vapor, mercury radiation, and proton beam radiation. The facility operators operated many of the systems prior to beam on target and developed the operating procedures. The safety and non-safety control systems were tested extensively prior to beam on target. This testing was crucial to identify wiring and software errors and failed components, the result of which was few problems during operation with beam on target. The SNS has continued beam on target since April to increase beam power, check out the scientific instruments, and continue testing the operation of facility subsystems

Safety analysis and evaluation methodology for fusion systems

International Nuclear Information System (INIS)

Fujii-e, Y.; Kozawa, Y.; Namba, C.

1987-03-01

Fusion systems which are under development as future energy systems have reached a stage that the break even is expected to be realized in the near future. It is desirable to demonstrate that fusion systems are well acceptable to the societal environment. There are three crucial viewpoints to measure the acceptability, that is, technological feasibility, economy and safety. These three points have close interrelation. The safety problem is more important since three large scale tokamaks, JET, TFTR and JT-60, start experiment, and tritium will be introduced into some of them as the fusion fuel. It is desirable to establish a methodology to resolve the safety-related issues in harmony with the technological evolution. The promising fusion system toward reactors is not yet settled. This study has the objective to develop and adequate methodology which promotes the safety design of general fusion systems and to present a basis for proposing the R and D themes and establishing the data base. A framework of the methodology, the understanding and modeling of fusion systems, the principle of ensuring safety, the safety analysis based on the function and the application of the methodology are discussed. As the result of this study, the methodology for the safety analysis and evaluation of fusion systems was developed. New idea and approach were presented in the course of the methodology development. (Kako, I.)

Understanding Nuclear Safety Culture: A Systemic Approach

International Nuclear Information System (INIS)

Afghan, A.N.

2016-01-01

The Fukushima accident was a systemic failure (Report by Director General IAEA on the Fukushima Daiichi Accident). Systemic failure is a failure at system level unlike the currently understood notion which regards it as the failure of component and equipment. Systemic failures are due to the interdependence, complexity and unpredictability within systems and that is why these systems are called complex adaptive systems (CAS), in which “attractors” play an important role. If we want to understand the systemic failures we need to understand CAS and the role of these attractors. The intent of this paper is to identify some typical attractors (including stakeholders) and their role within complex adaptive system. Attractors can be stakeholders, individuals, processes, rules and regulations, SOPs etc., towards which other agents and individuals are attracted. This paper will try to identify attractors in nuclear safety culture and influence of their assumptions on safety culture behavior by taking examples from nuclear industry in Pakistan. For example, if the nuclear regulator is an attractor within nuclear safety culture CAS then how basic assumptions of nuclear plant operators and shift in-charges about “regulator” affect their own safety behavior?

Planning Systems for Distributed Operations

Science.gov (United States)

Maxwell, Theresa G.

2002-01-01

This viewgraph representation presents an overview of the mission planning process involving distributed operations (such as the International Space Station (ISS)) and the computer hardware and software systems needed to support such an effort. Topics considered include: evolution of distributed planning systems, ISS distributed planning, the Payload Planning System (PPS), future developments in distributed planning systems, Request Oriented Scheduling Engine (ROSE) and Next Generation distributed planning systems.

Safety standards of IAEA for management systems

International Nuclear Information System (INIS)

Vincze, P.

2005-01-01

IAEA has developed a new series of safety standards which are assigned for constitution of the conditions and which give the instruction for setting up the management systems that integrate the aims of safety, health, life environment and quality. The new standard shall replace IAEA 50-C-Q - Requirements for security of the quality for safety in nuclear power plants and other nuclear facilities as well as 14 related safety instructions mentioned in the Safety series No. 50-C/SG-Q (1996). When developing of this complex, integrated set of requirements for management systems, the IAEA requirements 50-C-Q (1996) were taken into consideration as well as the publications developed within the International organisation for standardization (ISO) ISO 9001:2000 and ISO14001: 1996. The experience of European Union member states during the development, implementation and improvement of the management systems were also taken into consideration

Model-based safety architecture framework for complex systems

NARCIS (Netherlands)

Schuitemaker, Katja; Rajabali Nejad, Mohammadreza; Braakhuis, J.G.; Podofillini, Luca; Sudret, Bruno; Stojadinovic, Bozidar; Zio, Enrico; Kröger, Wolfgang

2015-01-01

The shift to transparency and rising need of the general public for safety, together with the increasing complexity and interdisciplinarity of modern safety-critical Systems of Systems (SoS) have resulted in a Model-Based Safety Architecture Framework (MBSAF) for capturing and sharing architectural

A formal safety analysis for PLC software-based safety critical system using Z

International Nuclear Information System (INIS)

Koh, Jung Soo; Seong, Poong Hyun

1997-01-01

This paper describes a formal safety analysis technique which is demonstrated by performing empirical formal safety analysis with the case study of beamline hutch door Interlock system that is developed by using PLC (Programmable Logic Controller) systems at the Pohang Accelerator Laboratory. In order to perform formed safety analysis, we have built the Z formal specifications representation from user requirement written in ambiguous natural language and target PLC ladder logic, respectively. We have also studied the effective method to express typical PLC timer component by using specific Z formal notation which is supported by temporal history. We present a formal proof technique specifying and verifying that the hazardous states are not introduced into ladder logic in the PLC-based safety critical system

Operation safety of complex industrial systems

International Nuclear Information System (INIS)

Zwingelstein, G.

1999-01-01

Zero fault or zero risk is an unreachable goal in industrial activities like nuclear activities. However, methods and techniques exist to reduce the risks to the lowest possible and acceptable level. The operation safety consists in the recognition, evaluation, prediction, measurement and mastery of technological and human faults. This paper analyses each of these points successively: 1 - evolution of operation safety; 2 - definitions and basic concepts: failure, missions and functions of a system and of its components, basic concepts and operation safety; 3 - forecasting analysis of operation safety: reliability data, data-banks, precautions for the use of experience feedback data; realization of an operation safety study: management of operation safety, quality assurance, critical review and audit of operation safety studies; 6 - conclusions. (J.S.)

The reliability of nuclear power plant safety systems

International Nuclear Information System (INIS)

Susnik, J.

1978-01-01

A criterion was established concerning the protection that nuclear power plant (NPP) safety systems should afford. An estimate of the necessary or adequate reliability of the total complex of safety systems was derived. The acceptable unreliability of auxiliary safety systems is given, provided the reliability built into the specific NPP safety systems (ECCS, Containment) is to be fully utilized. A criterion for the acceptable unreliability of safety (sub)systems which occur in minimum cut sets having three or more components of the analysed fault tree was proposed. A set of input MTBF or MTTF values which fulfil all the set criteria and attain the appropriate overall reliability was derived. The sensitivity of results to input reliability data values was estimated. Numerical reliability evaluations were evaluated by the programs POTI, KOMBI and particularly URSULA, the last being based on Vesely's kinetic fault tree theory. (author)

World-wide distribution automation systems

International Nuclear Information System (INIS)

Devaney, T.M.

1994-01-01

A worldwide power distribution automation system is outlined. Distribution automation is defined and the status of utility automation is discussed. Other topics discussed include a distribution management system, substation feeder, and customer functions, potential benefits, automation costs, planning and engineering considerations, automation trends, databases, system operation, computer modeling of system, and distribution management systems

Safety management systems and their role in achieving high standards of operational safety

International Nuclear Information System (INIS)

Coulston, D.J.; Baylis, C.C.

2000-01-01

Achieving high standards of operational safety requires a robust management framework that is visible to all personnel with responsibility for its implementation. The structure of the management framework must ensure that all processes used to manage safety interlink in a logical and coherent manner, that is, they form a management system that leads to continuous improvement in safety performance. This Paper describes BNFL's safety management system (SMS). The SMS has management processes grouped within 5 main elements: 1. Policy, 2. Organisation, 3. Planning and Implementation, 4. Measuring and Reviewing Performance, 5. Audit. These elements reflect the overall process of setting safety objective (from Policy), measuring success and reviewing the performance. Effective implementation of the SMS requires senior managers to demonstrate leadership through their commitment and accountability. However, the SMS as a whole reflects that every employee at every level within BNFL is responsible for safety of operations under their control. The SMS therefore promotes a proactive safety culture and safe operations. The system is formally documented in the Company's Environmental, Health and Safety (EHS) Manual. Within in BNFL Group, the Company structures enables the Manual to provide overall SMS guidance and co-ordination to its range of nuclear businesses. Each business develops the SMS to be appropriate at all levels of its organisation, but ensuring that each level is consistent with the higher level. The Paper concludes with a summary of BNFL's safety performance. (author)

Safety of huge systems

International Nuclear Information System (INIS)

Kondo, Jiro.

1995-01-01

Recently accompanying the development of engineering technology, huge systems tend to be constructed. The disaster countermeasures of huge cities become large problems as the concentration of population into cities is conspicuous. To make the expected value of loss small, the knowledge of reliability engineering is applied. In reliability engineering, even if a part of structures fails, the safety as a whole system must be ensured, therefore, the design having margin is carried out. The degree of margin is called redundancy. However, such design concept makes the structure of a system complex, and as the structure is complex, the possibility of causing human errors becomes high. At the time of huge system design, the concept of fail-safe is effective, but simple design must be kept in mind. The accident in Mihama No. 2 plant of Kansai Electric Power Co. and the accident in Chernobyl nuclear power station, and the accident of Boeing B737 airliner and the fatigue breakdown are described. The importance of safety culture was emphasized as the method of preventing human errors. Man-system interface and management system are discussed. (K.I.)

Environmental tests of a digital safety channel: An investigation of stress-related vulnerabilities of computer-based safety system

International Nuclear Information System (INIS)

Korsah, K.; Wilson, T.L.; Wood, R.; Tanaka, T.

1997-01-01

This article presents the results of environmental stress tests performed on an experimental digital safety channel (EDSC) assembled at the Oak Ridge National Laboratory as part of the Qualification of Advanced Instrumentation and Controls Systems Research program, which was sponsored by the US Nuclear Regulatory Commission. The program is expected to provide recommendations for environmental qualification of digital safety systems. The purpose of the study was to investigate potential vulnerabilities of distributed computer systems used in safety applications when subjected to environmental stressors. The EDSC assembled for the tests employs technologies and digital subsystems representative of those proposed for use in advanced light-water reactors or as retrofits in existing plants. Subsystems include computers, electrical and optical serial communication links, fiber-optic network links, analog-to-digital and digital-to-analog converters, and multiplexers. The EDSC was subjected to selected stressors that are a potential risk to digital equipment in a mild environment. The selected stressors were electromagnetic and radiofrequency interferences (EMI-RFI), temperature, humidity, and smoke exposure. The stressors were applied at levels of intensity considerably higher than the safety channel is likely to experience in a normal nuclear power plant environment. Ranges of stress were selected at a sufficiently high level to induce errors so that failure modes that are characteristic of the technologies employed could be identified. On the basis of the incidence of functional errors observed during testing, EMI-RFI, smoke exposure, and high temperature coupled with high relative humidity, in that order, were found to have the greatest impact of the stressors investigated. The most prevalent stressor-induced upsets, as well as the most severe, were found to occur during the EMI-RFI tests

System Safety in an IT Service Organization

Science.gov (United States)

Parsons, Mike; Scutt, Simon

Within Logica UK, over 30 IT service projects are considered safetyrelated. These include operational IT services for airports, railway infrastructure asset management, nationwide radiation monitoring and hospital medical records services. A recent internal audit examined the processes and documents used to manage system safety on these services and made a series of recommendations for improvement. This paper looks at the changes and the challenges to introducing them, especially where the service is provided by multiple units supporting both safety and non-safety related services from multiple locations around the world. The recommendations include improvements to service agreements, improved process definitions, routine safety assessment of changes, enhanced call logging, improved staff competency and training, and increased safety awareness. Progress is reported as of today, together with a road map for implementation of the improvements to the service safety management system. A proposal for service assurance levels (SALs) is discussed as a way forward to cover the wide variety of services and associated safety risks.

Distributed Operating Systems

NARCIS (Netherlands)

Mullender, Sape J.

1987-01-01

In the past five years, distributed operating systems research has gone through a consolidation phase. On a large number of design issues there is now considerable consensus between different research groups. In this paper, an overview of recent research in distributed systems is given. In turn, the

Aviation Safety Reporting System: Process and Procedures

Science.gov (United States)

Connell, Linda J.

1997-01-01

The Aviation Safety Reporting System (ASRS) was established in 1976 under an agreement between the Federal Aviation Administration (FAA) and the National Aeronautics and Space Administration (NASA). This cooperative safety program invites pilots, air traffic controllers, flight attendants, maintenance personnel, and others to voluntarily report to NASA any aviation incident or safety hazard. The FAA provides most of the program funding. NASA administers the program, sets its policies in consultation with the FAA and aviation community, and receives the reports submitted to the program. The FAA offers those who use the ASRS program two important reporting guarantees: confidentiality and limited immunity. Reports sent to ASRS are held in strict confidence. More than 350,000 reports have been submitted since the program's beginning without a single reporter's identity being revealed. ASRS removes all personal names and other potentially identifying information before entering reports into its database. This system is a very successful, proof-of-concept for gathering safety data in order to provide timely information about safety issues. The ASRS information is crucial to aviation safety efforts both nationally and internationally. It can be utilized as the first step in safety by providing the direction and content to informed policies, procedures, and research, especially human factors. The ASRS process and procedures will be presented as one model of safety reporting feedback systems.

Developing and maintaining national food safety control systems ...

African Journals Online (AJOL)

The establishment of effective food safety systems is pivotal to ensuring the safety of the national food supply as well as food products for regional and international trade. The development, structure and implementation of modern food safety systems have been driven over the years by a number of developments.

COMPRESS - a computerized reactor safety system

International Nuclear Information System (INIS)

Vegh, E.

1986-01-01

The computerized reactor safety system, called COMPRESS, provides the following services: scram initiation; safety interlockings; event recording. The paper describes the architecture of the system and deals with reliability problems. A self-testing unit checks permanently the correct operation of the independent decision units. Moreover the decision units are tested by short pulses whether they can initiate a scram. The self-testing is described in detail

Pervasive Electricity Distribution System

Directory of Open Access Journals (Sweden)

Muhammad Usman Tahir

2017-06-01

Full Text Available Now a days a country cannot become economically strong until and unless it has enough electrical power to fulfil industrial and domestic needs. Electrical power being the pillar of any country’s economy, needs to be used in an efficient way. The same step is taken here by proposing a new system for energy distribution from substation to consumer houses, also it monitors the consumer consumption and record data. Unlike traditional manual Electrical systems, pervasive electricity distribution system (PEDS introduces a fresh perspective to monitor the feeder line status at distribution and consumer level. In this system an effort is taken to address the issues of electricity theft, manual billing, online monitoring of electrical distribution system and automatic control of electrical distribution points. The project is designed using microcontroller and different sensors, its GUI is designed in Labview software.

Integrated therapy safety management system.

Science.gov (United States)

Podtschaske, Beatrice; Fuchs, Daniela; Friesdorf, Wolfgang

2013-09-01

The aim is to demonstrate the benefit of the medico-ergonomic approach for the redesign of clinical work systems. Based on the six layer model, a concept for an 'integrated therapy safety management' is drafted. This concept could serve as a basis to improve resilience. The concept is developed through a concept-based approach. The state of the art of safety and complexity research in human factors and ergonomics forms the basis. The findings are synthesized to a concept for 'integrated therapy safety management'. The concept is applied by way of example for the 'medication process' to demonstrate its practical implementation. The 'integrated therapy safety management' is drafted in accordance with the six layer model. This model supports a detailed description of specific work tasks, the corresponding responsibilities and related workflows at different layers by using the concept of 'bridge managers'. 'Bridge managers' anticipate potential errors and monitor the controlled system continuously. If disruptions or disturbances occur, they respond with corrective actions which ensure that no harm results and they initiate preventive measures for future procedures. The concept demonstrates that in a complex work system, the human factor is the key element and final authority to cope with the residual complexity. The expertise of the 'bridge managers' and the recursive hierarchical structure results in highly adaptive clinical work systems and increases their resilience. The medico-ergonomic approach is a highly promising way of coping with two complexities. It offers a systematic framework for comprehensive analyses of clinical work systems and promotes interdisciplinary collaboration. © 2013 The Authors. British Journal of Clinical Pharmacology © 2013 The British Pharmacological Society.

Integrated therapy safety management system

Science.gov (United States)

Podtschaske, Beatrice; Fuchs, Daniela; Friesdorf, Wolfgang

2013-01-01

Aims The aim is to demonstrate the benefit of the medico-ergonomic approach for the redesign of clinical work systems. Based on the six layer model, a concept for an ‘integrated therapy safety management’ is drafted. This concept could serve as a basis to improve resilience. Methods The concept is developed through a concept-based approach. The state of the art of safety and complexity research in human factors and ergonomics forms the basis. The findings are synthesized to a concept for ‘integrated therapy safety management’. The concept is applied by way of example for the ‘medication process’ to demonstrate its practical implementation. Results The ‘integrated therapy safety management’ is drafted in accordance with the six layer model. This model supports a detailed description of specific work tasks, the corresponding responsibilities and related workflows at different layers by using the concept of ‘bridge managers’. ‘Bridge managers’ anticipate potential errors and monitor the controlled system continuously. If disruptions or disturbances occur, they respond with corrective actions which ensure that no harm results and they initiate preventive measures for future procedures. The concept demonstrates that in a complex work system, the human factor is the key element and final authority to cope with the residual complexity. The expertise of the ‘bridge managers’ and the recursive hierarchical structure results in highly adaptive clinical work systems and increases their resilience. Conclusions The medico-ergonomic approach is a highly promising way of coping with two complexities. It offers a systematic framework for comprehensive analyses of clinical work systems and promotes interdisciplinary collaboration. PMID:24007448

From Safe Systems to Patient Safety

DEFF Research Database (Denmark)

Aarts, J.; Nøhr, C.

2010-01-01

for the third conference with the theme: The ability to design, implement and evaluate safe, useable and effective systems within complex health care organizations. The theme for this conference was "Designing and Implementing Health IT: from safe systems to patient safety". The contributions have reflected...... and implementation of safe systems and thus contribute to the agenda of patient safety? The contributions demonstrate how the health informatics community has contributed to the performance of significant research and to translating research findings to develop health care delivery and improve patient safety......This volume presents the papers from the fourth International Conference on Information Technology in Health Care: Socio-technical Approaches held in Aalborg, Denmark in June 2010. In 2001 the first conference was held in Rotterdam, The Netherlands with the theme: Sociotechnical' approaches...

Benefits of a systematic approach to maintenance for safety and safety related systems

International Nuclear Information System (INIS)

Dam, R.F.; Ayazzudin, S.; Nickerson, J.H.

2003-01-01

For safety and safety-related systems, nuclear plants have to balance the requirements of demonstrating the reliability of each system, while maintaining the system and plant availability. With the goal of demonstrating statistical reliability, these systems have extensive testing programs, which often results in system unavailability and this can impact the plant capacity. The inputs to the process are often safety and regulatory related, resulting in programs that provide a high level of scrutiny. In such cases, the value of the application of a Systematic Assessment of Maintenance (SAM) process, such as Reliability Centered Maintenance (RCM), is questioned. The special case of Standby-Safety systems was discussed in a previous paper, where it was demonstrated how SAM techniques provide useful insight into current system performance, the impact of testing on component and system reliability, and how PSA considerations can be integrated into a comprehensive Maintenance, Surveillance, and Inspection (MSI) strategy. Although the system reliability requirements are an important part of the strategy evaluation, SAM techniques provide a systematic assessment within a broader context. Testing is only one part of an overall strategy focused on ensuring that component function is maintained through a combination of monitoring technologies (including testing), predictive techniques, and intrusive maintenance strategies. Each strategy is targeted to known component degradation mechanisms. This thinking can be extended to safety and safety related systems in general. Over the past 6 years, AECL has been working with CANDU utilities in the development and implementation of a comprehensive and integrated Plant Life Management (PLiM) program. As part of developing a comprehensive plant asset management approach, SAM techniques are used to develop a technical basis that not only works towards ensuring reliable operation of plant systems, but also facilitates the optimization and

Declarative Rule-based Safety for Robotic Perception Systems

DEFF Research Database (Denmark)

Mogensen, Johann Thor Ingibergsson; Kraft, Dirk; Schultz, Ulrik Pagh

2017-01-01

Mobile robots are used across many domains from personal care to agriculture. Working in dynamic open-ended environments puts high constraints on the robot perception system, which is critical for the safety of the system as a whole. To achieve the required safety levels the perception system needs...... to be certified, but no specific standards exist for computer vision systems, and the concept of safe vision systems remains largely unexplored. In this paper we present a novel domain-specific language that allows the programmer to express image quality detection rules for enforcing safety constraints...

Field Programmable Gate Array-based I and C Safety System

International Nuclear Information System (INIS)

Kim, Hyun Jeong; Kim, Koh Eun; Kim, Young Geul; Kwon, Jong Soo

2014-01-01

Programmable Logic Controller (PLC)-based I and C safety system used in the operating nuclear power plants has the disadvantages of the Common Cause Failure (CCF), high maintenance costs and quick obsolescence, and then it is necessary to develop the other platform to replace the PLC. The Field Programmable Gate Array (FPGA)-based Instrument and Control (I and C) safety system is safer and more economical than Programmable Logic Controller (PLC)-based I and C safety system. Therefore, in the future, FPGA-based I and C safety system will be able to replace the PLC-based I and C safety system in the operating and the new nuclear power plants to get benefited from its safety and economic advantage. FPGA-based I and C safety system shall be implemented and verified by applying the related requirements to perform the safety function

Field Programmable Gate Array-based I and C Safety System

Energy Technology Data Exchange (ETDEWEB)

Kim, Hyun Jeong; Kim, Koh Eun; Kim, Young Geul; Kwon, Jong Soo [KEPCO, Daejeon (Korea, Republic of)

2014-08-15

Programmable Logic Controller (PLC)-based I and C safety system used in the operating nuclear power plants has the disadvantages of the Common Cause Failure (CCF), high maintenance costs and quick obsolescence, and then it is necessary to develop the other platform to replace the PLC. The Field Programmable Gate Array (FPGA)-based Instrument and Control (I and C) safety system is safer and more economical than Programmable Logic Controller (PLC)-based I and C safety system. Therefore, in the future, FPGA-based I and C safety system will be able to replace the PLC-based I and C safety system in the operating and the new nuclear power plants to get benefited from its safety and economic advantage. FPGA-based I and C safety system shall be implemented and verified by applying the related requirements to perform the safety function.

Operation safety of complex industrial systems. Main concepts

International Nuclear Information System (INIS)

Zwingelstein, G.

2009-01-01

Operation safety consists in knowing, evaluating, foreseeing, measuring and mastering the technological system and human failures in order to avoid their impacts on health and people's safety, on productivity, and on the environment, and to preserve the Earth's resources. This article recalls the main concepts of operation safety: 1 - evolutions in the domain; 2 - failures, missions and functions of a system and of its components: functional failure, missions and functions, industrial processes, notions of probability; 3 - basic concepts and operation safety: reliability, unreliability, failure density, failure rate, relations between them, availability, maintainability, safety. (J.S.)

Safety assessment of HLW geological disposal system

International Nuclear Information System (INIS)

Naito, Morimasa

2006-01-01

In accordance with the Japanese nuclear program, the liquid waste with a high level of radioactivity arising from reprocessing is solidified in a stable glass matrix (vitrification) in stainless steel fabrication containers. The vitrified waste is referred to as high-level radioactive waste (HLW), and is characterized by very high initial radioactivity which, even though it decreases with time, presents a potential long-term risk. It is therefore necessary to thoroughly manage HLW from human and his environment. After vitrification, HLW is stored for a period of 30 to 50 years to allow cooling, and finally disposed of in a stable geological environment at depths greater than 300 m below surface. The deep underground environment, in general, is considered to be stable over geological timescales compared with surface environment. By selecting an appropriate disposal site, therefore, it is considered to be feasible to isolate the waste in the repository from man and his environment until such time as radioactivity levels have decayed to insignificance. The concept of geological disposal in Japan is similar to that in other countries, being based on a multibarrier system which combines the natural geological environment with engineered barriers. It should be noted that geological disposal concept is based on a passive safety system that does not require any institutional control for assuring long term environmental safety. To demonstrate feasibility of safe HLW repository concept in Japan, following technical steps are essential. Selection of a geological environment which is sufficiently stable for disposal (site selection). Design and installation of the engineered barrier system in a stable geological environment (engineering measures). Confirmation of the safety of the constructed geological disposal system (safety assessment). For site selection, particular consideration is given to the long-term stability of the geological environment taking into account the fact

33 CFR 147.847 - Safety Zone; BW PIONEER Floating Production, Storage, and Offloading System Safety Zone.

Science.gov (United States)

2010-07-01

... Production, Storage, and Offloading System Safety Zone. 147.847 Section 147.847 Navigation and Navigable... ZONES § 147.847 Safety Zone; BW PIONEER Floating Production, Storage, and Offloading System Safety Zone. (a) Description. The BW PIONEER, a Floating Production, Storage and Offloading (FPSO) system, is in...

Safety-related instrumentation and control systems for nuclear power plants

International Nuclear Information System (INIS)

1984-01-01

This Safety Guide deals mainly with design requirements for those I and C systems that are important to safety but are not safety systems. The Guide is intended to expand paragraphs 3.1, 3.2 and 3.3 of the Code of Practice on Design for Safety of Nuclear Power Plants (IAEA Safety Series No.50-C-D) in the area of I and C systems important to safety and refers to them as safety-related I and C systems. It also gives guidance and enumerates requirements for multiplexing and the use of the digital computers employed in this area

Evaluating Safety Culture Under the Socio-Technical Complex Systems Perspective

International Nuclear Information System (INIS)

Lemos, F. L. de

2016-01-01

Since the term “safety culture” was coined, it has gained more and more attention as an effort to achieve higher levels of system safety. A good deal of effort has been done in order to better define, evaluate and implement safety culture programs in organizations throughout all industries, and especially in the Nuclear Industry. Unfortunately, despite all those efforts, we continue to witness accidents that are, in great part, attributed to flaws in the safety culture of the organization. Fukushima nuclear accident is one example of a serious accident in which flaws in the safety culture has been pointed to as one of the main contributors. In general, the definitions of safety culture emphasise the social aspect of the system. While the definitions also include the relations with the technical aspects, it does so in a general sense. For example, the International Nuclear Safety Advisory Group (INSAG) defines safety culture as: “The assembly of characteristics and attitudes in organizations and individuals which establishes that, as an overriding priority, nuclear plant safety issues receives the attention warranted by their significance.” By the way safety culture is defined we can infer that it represents a property of a social system, or a property of the social aspect of the system. In this sense, the social system is a component of the whole system. Where, “system” is understood to be comprised of a social (humans) and technical (equipment) aspects, as a Nuclear Power Plant, for example. Therefore, treating safety culture as an identity on its own right, finding and fixing flaws in the safety culture may not be enough to improve safety of the system. We also needed to evaluate all the interactions between the components that comprise all the aspects of the system. In some cases a flaw in the safety culture can easily be detected, such as an employee not wearing appropriate individual protection equipment, e.g., dosimeter, or when basic safety

Density Control of Multi-Agent Systems with Safety Constraints: A Markov Chain Approach

Science.gov (United States)

Demirer, Nazli

The control of systems with autonomous mobile agents has been a point of interest recently, with many applications like surveillance, coverage, searching over an area with probabilistic target locations or exploring an area. In all of these applications, the main goal of the swarm is to distribute itself over an operational space to achieve mission objectives specified by the density of swarm. This research focuses on the problem of controlling the distribution of multi-agent systems considering a hierarchical control structure where the whole swarm coordination is achieved at the high-level and individual vehicle/agent control is managed at the low-level. High-level coordination algorithms uses macroscopic models that describes the collective behavior of the whole swarm and specify the agent motion commands, whose execution will lead to the desired swarm behavior. The low-level control laws execute the motion to follow these commands at the agent level. The main objective of this research is to develop high-level decision control policies and algorithms to achieve physically realizable commanding of the agents by imposing mission constraints on the distribution. We also make some connections with decentralized low-level motion control. This dissertation proposes a Markov chain based method to control the density distribution of the whole system where the implementation can be achieved in a decentralized manner with no communication between agents since establishing communication with large number of agents is highly challenging. The ultimate goal is to guide the overall density distribution of the system to a prescribed steady-state desired distribution while satisfying desired transition and safety constraints. Here, the desired distribution is determined based on the mission requirements, for example in the application of area search, the desired distribution should match closely with the probabilistic target locations. The proposed method is applicable for both

Intelligent monitoring-based safety system of massage robot

Institute of Scientific and Technical Information of China (English)

胡宁; 李长胜; 王利峰; 胡磊; 徐晓军; 邹雲鹏; 胡玥; 沈晨

2016-01-01

As an important attribute of robots, safety is involved in each link of the full life cycle of robots, including the design, manufacturing, operation and maintenance. The present study on robot safety is a systematic project. Traditionally, robot safety is defined as follows: robots should not collide with humans, or robots should not harm humans when they collide. Based on this definition of robot safety, researchers have proposed ex ante and ex post safety standards and safety strategies and used the risk index and risk level as the evaluation indexes for safety methods. A massage robot realizes its massage therapy function through applying a rhythmic force on the massage object. Therefore, the traditional definition of safety, safety strategies, and safety realization methods cannot satisfy the function and safety requirements of massage robots. Based on the descriptions of the environment of massage robots and the tasks of massage robots, the present study analyzes the safety requirements of massage robots; analyzes the potential safety dangers of massage robots using the fault tree tool; proposes an error monitoring-based intelligent safety system for massage robots through monitoring and evaluating potential safety danger states, as well as decision making based on potential safety danger states; and verifies the feasibility of the intelligent safety system through an experiment.

Development and implementation of setpoint tolerances for special safety systems

International Nuclear Information System (INIS)

Oliva, A.F.; Balog, G.; Parkinson, D.G.; Archinoff, G.H.

1991-01-01

The establishment of tolerances and impairment limits for special safety system setpoints is part of the process whereby the plant operator demonstrates to the regulatory authority that the plant operates safely and within the defined plant licensing envelope. The licensing envelope represents the set of limits and plant operating state and for which acceptably safe plant operation has been demonstrated by the safety analysis. By definition, operation beyond this envelope contributes to overall safety system unavailability. Definition of the licensing envelope is provided in a wide range of documents including the plant operating licence, the safety report, and the plant operating policies and principles documents. As part of the safety analysis, limits are derived for each special safety system initiating parameter such that the relevant safety design objectives are achieved for all design basis events. If initiation on a given parameter occurs at a level beyond its limit, there is a potential reduction in safety system effectiveness relative to the performance credited in the plant safety analysis. These safety system parameter limits, when corrected for random and systematic instrument errors and other errors inherent in the process of periodic testing or calibration, are then used to derive parameter impairment levels and setpoint tolerances. This paper describes the methodology that has evolved at Ontario Hydro for developing and implementing tolerances for special safety system parameters (i.e., the shutdown systems, emergency coolant injection system and containment system). Tolerances for special safety system initiation setpoints are addressed specifically, although many of the considerations discussed here will apply to performance limits for other safety system components. The first part of the paper deals with the approach that has been adopted for defining and establishing setpoint limits and tolerances. The remainder of the paper addresses operational

Ergonomics in the context of system safety

International Nuclear Information System (INIS)

Donnelly, K.E.

1984-01-01

In a complex industrial environment, ergonomics must be combined with management science and systems analysis to produce a program which can create effective change and improve safety performance. We give an overview of such an approach, namely System Safety, so that its ergonomic content may be seen

Identifying behaviour patterns of construction safety using system archetypes.

Science.gov (United States)

Guo, Brian H W; Yiu, Tak Wing; González, Vicente A

2015-07-01

Construction safety management involves complex issues (e.g., different trades, multi-organizational project structure, constantly changing work environment, and transient workforce). Systems thinking is widely considered as an effective approach to understanding and managing the complexity. This paper aims to better understand dynamic complexity of construction safety management by exploring archetypes of construction safety. To achieve this, this paper adopted the ground theory method (GTM) and 22 interviews were conducted with participants in various positions (government safety inspector, client, health and safety manager, safety consultant, safety auditor, and safety researcher). Eight archetypes were emerged from the collected data: (1) safety regulations, (2) incentive programs, (3) procurement and safety, (4) safety management in small businesses (5) production and safety, (6) workers' conflicting goals, (7) blame on workers, and (8) reactive and proactive learning. These archetypes capture the interactions between a wide range of factors within various hierarchical levels and subsystems. As a free-standing tool, they advance the understanding of dynamic complexity of construction safety management and provide systemic insights into dealing with the complexity. They also can facilitate system dynamics modelling of construction safety process. Copyright © 2015 Elsevier Ltd. All rights reserved.

Health risk assessment linked with purified biogas injection in a natural gas distribution system

International Nuclear Information System (INIS)

Leroux, Carole; Modelon, Hugues; Rousselle, Christophe; Zdanevitch, Isabelle; Evanno, Sebastien

2009-06-01

This document provides for the opinion of the French Agency for Environmental and Occupational Health and Safety (Afsset) expressed after the collective expertise carried out for the evaluation of the health risk linked with biogas injection in the natural gas distribution system. Following the recommendations issued by the Afsset, works have been started in order to collect the sludge-derived biogas and to analyse its composition. These data will be used to assess accidental risks (resulting from biogas valorisation, pipeline transport, industrial and domestic energy valorisation) as well as health risks for users (resulting from the injection in the natural gas distribution system)

Classification of Aeronautics System Health and Safety Documents

Data.gov (United States)

National Aeronautics and Space Administration — Most complex aerospace systems have many text reports on safety, maintenance, and associated issues. The Aviation Safety Reporting System (ASRS) spans several...

Survey of electronic safety systems in accelerator applications

International Nuclear Information System (INIS)

Mahoney, K.

1997-01-01

This paper presents the preliminary results and analysis of a comprehensive survey of the implementation of accelerator safety interlock systems from over 30 international labs. At the present time there is not a self consistent means to evaluate both the experiences and level of protection provided by electronic safety interlock systems. This research is intended to analyze the strength and weaknesses of several different types of interlock system implementation methodologies. Research, medical, and industrial accelerators are compared. Thomas Jefferson National Accelerator Facility (TJNAF) was one of the first large particle accelerators to implement a safety interlock system using programmable logic controllers. Since that time all of the major new U.S. accelerator construction projects plan to use some form of programmable electronics as part of a safety interlock system in some capacity

Rad waste disposal safety analysis / Integrated safety assessment of a waste repository

International Nuclear Information System (INIS)

Jeong, Jongtae; Choi, Jongwon; Kang, Chulhyung

2012-04-01

We developed CYPRUS+and adopted PID and RES method for the development of scenario. Safety performance assessment program was developed using GoldSim for the safety assessment of disposal system for the disposal of spnet fuels and wastes resulting from the pyrpoprocessing. Biosphere model was developed and verified in cooperation with JAEA. The capability to evaluate post-closure performance and safety was added to the previously developed program. And, nuclide migration and release to the biosphere considering site characteristics was evaluated by using deterministic and probabilistic approach. Operational safety assessment for drop, fire, and earthquake was also statistically evaluated considering well-established input parameter distribution. Conservative assessment showed that dose rate is below the limit value of low- and intermediate-level repository. Gas generation mechanism within engineered barrier was defined and its influence on safety was evaluated. We made probabilistic safety assessment by obtaining the probability distribution functions of important input variables and also made a sensitivity analysis. The maximum annual dose rate was shown to be below the safety limit value of 10 mSv/yr. The structure and element of safety case was developed to increase reliability of safety assessment methodology for a deep geological repository. Finally, milestone for safety case development and implementation strategy for each safety case element was also proposed

Development and application of digital safety system in NPPs

International Nuclear Information System (INIS)

Kwon, Keechoon; Kim, Changhwoi; Lee, Dongyoung

2012-01-01

This paper describes the development of digital safety system in NPPs based on safety- grade programmable logic controller (PLC) platform and its application to real NPP construction. The digital safety system consists of a reactor protection system and an engineered safety feature-component control system. The safety-grade PLC platform was developed so that it meets the requirements of the regulation. The PLC consists of various modules such as a power module, a processor module, communication modules, digital input/output modules, analog input/output modules, a LOCA bus extension module, and a high-speed pulse counter module. The reactor protection system is designed with a redundant 4-channel architecture, and every channel is implemented with the same architecture. A single channel consists of a redundant bi-stable processor, a redundant coincidence processor, an automatic test and interface processor, and a cabinet operator module. The engineered safety feature-component control system is designed with four redundant divisions, and implemented with the PLC platform. The principal components of an individual division are fault tolerant group controllers, loop controllers, a test and interface processor, a cabinet operator module and a control channel gateway. The topical report is submitted to the regulatory body, and got safety evaluation report from the regulatory body. Also, the developed system is tested in the integrated performance validation facility. It is decided that the digital safety system applied to Shin-Uljin unit 1 and 2 after a topical report approval and validation test. Design changes occur in the digital safety system that is applied to an actual nuclear power plant construction, and the PLC has also been upgraded

Development and application of digital safety system in NPPs

Energy Technology Data Exchange (ETDEWEB)

Kwon, Keechoon; Kim, Changhwoi; Lee, Dongyoung [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2012-03-15

This paper describes the development of digital safety system in NPPs based on safety- grade programmable logic controller (PLC) platform and its application to real NPP construction. The digital safety system consists of a reactor protection system and an engineered safety feature-component control system. The safety-grade PLC platform was developed so that it meets the requirements of the regulation. The PLC consists of various modules such as a power module, a processor module, communication modules, digital input/output modules, analog input/output modules, a LOCA bus extension module, and a high-speed pulse counter module. The reactor protection system is designed with a redundant 4-channel architecture, and every channel is implemented with the same architecture. A single channel consists of a redundant bi-stable processor, a redundant coincidence processor, an automatic test and interface processor, and a cabinet operator module. The engineered safety feature-component control system is designed with four redundant divisions, and implemented with the PLC platform. The principal components of an individual division are fault tolerant group controllers, loop controllers, a test and interface processor, a cabinet operator module and a control channel gateway. The topical report is submitted to the regulatory body, and got safety evaluation report from the regulatory body. Also, the developed system is tested in the integrated performance validation facility. It is decided that the digital safety system applied to Shin-Uljin unit 1 and 2 after a topical report approval and validation test. Design changes occur in the digital safety system that is applied to an actual nuclear power plant construction, and the PLC has also been upgraded.

RSAS: a Reactor Safety Assessment System

International Nuclear Information System (INIS)

Sebo, D.E.; Dixon, B.W.; Bray, M.A.

1985-01-01

The Reactor Safety Assessment System (RSAS) is an expert system under development for the United States Nuclear Regulatory Commission (NRC). RSAS is being developed for use at the NRC's Operations Center in the event of a serious incident at a licensed nuclear power plant. The system generates situation assessments for the NRC Reactor Safety Team based on a limited number of plant parameters, known operator actions, and plant status data. The RSAS rule base currently covers one reactor type. The extension of the rule base to other reactor types is also discussed

Optimizing queries in distributed systems

Directory of Open Access Journals (Sweden)

Ion LUNGU

2006-01-01

Full Text Available This research presents the main elements of query optimizations in distributed systems. First, data architecture according with system level architecture in a distributed environment is presented. Then the architecture of a distributed database management system (DDBMS is described on conceptual level followed by the presentation of the distributed query execution steps on these information systems. The research ends with presentation of some aspects of distributed database query optimization and strategies used for that.

Safety design requirements for safety systems and components of JSFR

International Nuclear Information System (INIS)

Kubo, Shigenobu; Shimakawa, Yoshio; Yamano, Hidemasa; Kotake, Shoji

2011-01-01

Safety design requirements for JSFR were summarized taking the development targets of the FaCT project and design feature of JSFR into account. The related safety principle and requirements for Monju, CRBRP, PRISM, SPX, LWRs, IAEA standards, goals of GIF, basic principle of INPRO etc. were also taken into account so that the safety design requirements can be a next-generation global standard. The development targets for safety and reliability are set based on those of FaCT, namely, ensuring safety and reliability equal to future LWR and related fuel cycle facilities. In order to achieve these targets, the defence-in-depth concept is used as the basic safety design principle. General features of the safety design requirements are 1) Achievement of higher reliability, 2) Achievement of higher inspectability and maintainability, 3) Introduction of passive safety features, 4) Reduction of operator action needs, 5) Design consideration against Beyond Design Basis Events, 6) In-Vessel Retention of degraded core materials, 7) Prevention and mitigation against sodium chemical reactions, and 8) Design against external events. The current specific requirements for each system and component are summarized taking the basic design concept of JSFR into account, which is an advanced loop-type large-output power plant with a mixed-oxide-fuelled core. (author)

Leak detection system with distributed microprocessor in the primary containment vessel

International Nuclear Information System (INIS)

Inahara, K.; Yoshioka, K.; Tomizawa, T.

1980-01-01

Responding to the demand for greater improvements of the safety monitoring system, less public radiation exposure, and increase of plant availability, measuring and control systems in nuclear power plants have undergone many improvements. Leak detection systems are also required to give earlier warning, additional accuracy, and continuous monitoring function. This paper describes the drywell sump leakage detection system utilizing a distributed microprocessor, which is a successful application owing to its versatile function and ease of installation. The microprocessor performs various functions such as a rate of level change computation, conversion to leakage flow rate, initiation of alarm, and sump pump control. This system has already been applied to three operating BWR plants that demonstrate its efficiency. (auth)

Reliability analysis of diverse safety logic systems of fast breeder reactor

International Nuclear Information System (INIS)

Ravi Kumar, Bh.; Apte, P.R.; Srivani, L.; Ilango Sambasivan, S.; Swaminathan, P.

2006-01-01

Safety Logic for Fast Breeder Reactor (FBR) is designed to initiate safety action against Design Basis Events. Based on the outputs of various processing circuits, Safety logic system drives the control rods of the shutdown system. So, Safety Logic system is classified as safety critical system. Therefore, reliability analysis has to be performed. This paper discusses the Reliability analysis of Diverse Safety logic systems of FBRs. For this literature survey on safety critical systems, system reliability approach and standards to be followed like IEC-61508 are discussed in detail. For Programmable Logic device based systems, Hardware Description Languages (HDL) are used. So this paper also discusses the Verification and Validation for HDLs. Finally a case study for the Reliability analysis of Safety logic is discussed. (author)

Experimental research progress on passive safety systems of Chinese advanced PWR

International Nuclear Information System (INIS)

Xiao Zejun; Zhuo Wenbin; Zheng Hua; Chen Bingde; Zong Guifang; Jia Dounan

2003-01-01

TMI and Chernobyl accidents, having pronounced impact on nuclear industries, triggered the governments as well as interested institutions to devote much attention to the safety of nuclear power plant and public's requirements on nuclear power plant safety were also going to be stricter and stricter. It is obvious that safety level of an ordinary light water reactor is no longer satisfactory to these requirements. Recently, the safety authorities have recommended the implementation of passive system to improve the safety of nuclear reactors. Passive safety system is one of the main differences between Chinese advanced PWR and other conventional PWR. The working principle of passive safety system is to utilize the gravity, natural convection (natural circulation) and stored energy to implement the system's safety function. Reactors with passive safety systems are not only safer, but also more economical. The passive safety system of Chinese advanced PWR is composed of three independent systems, i.e. passive containment cooling system, passive residual heat removal system and passive core makeup tank injection system. This paper is a summary of experimental research progress on passive containment cooling system, passive residual heat removal system and passive core makeup tank injection system

A study on LAN applications in nuclear safety systems

International Nuclear Information System (INIS)

Kim, Sung; Lee, Young Ryul; Koo, Jun Mo; Han, Jai Bok

1995-01-01

It is a general tendency to digitalize the conventional relay based I and C systems in nuclear power plant. But, the digitalisation of nuclear safety systems has many a difficulty to surmount. The typical one thing of many difficulties is the data communication problem between local controllers and systems. The network architecture built with LAN (Local Area Network) in digital systems of the other industries are general. But in case of nuclear safety systems many considerations in point of safety and license are required to implement it in the field. In this parer, some considerations for applying LAN in nuclear safety systems were reviewed

Research on advanced system safety assessment procedures (4)

International Nuclear Information System (INIS)

Suzuki, Kazuhiko; Shimada, Yukiyasu

2001-03-01

The past research reports in the area of safety engineering proposed the Computer-aided HAZOP system to be applied to Nuclear Reprocessing Facilities. Automated HAZOP system has great advantage compared with human analysts in terms of accuracy of the results, and time required to conduct HAZOP studies. This report surveys the literature on risk assessment and safety design based on the concept of independent protection layers (IPLs). Furthermore, to improve HAZOP System, tool is proposed to construct the basic model and the internal state model. Such HAZOP system is applied to analyze two kinds of processes, where the ability of the proposed system is verified. In addition, risk assessment support system is proposed to integrate safety design environment and assessment result to be used by other plants as well as to enable the underline plant to use other plants' information. This technique can be implemented using web-based safety information systems. (author)

ABWR (K-6/7) construction experience (computer-based safety system)

International Nuclear Information System (INIS)

Yokomura, T.

1998-01-01

TEPCO applied a digital safety system to Kashiwazaki-Kariwa Nuclear Power Station Unit Nos. 6 and 7, the world's first ABWR plant. Although this was the first time to apply a digital safety logic system in Japan, we were able to complete construction of K-6/7 very successfully and without any delay. TEPCO took a approach of developing a substantial amount of experience in digital non- safety systems before undertaking the design of the safety protection system. This paper describes the history, techniques and experience behind achieving a highly reliable digital safety system. (author)

SACS2: Dynamic and Formal Safety Analysis Method for Complex Safety Critical System

International Nuclear Information System (INIS)

Koh, Kwang Yong; Seong, Poong Hyun

2009-01-01

Fault tree analysis (FTA) is one of the most widely used safety analysis technique in the development of safety critical systems. However, over the years, several drawbacks of the conventional FTA have become apparent. One major drawback is that conventional FTA uses only static gates and hence can not capture dynamic behaviors of the complex system precisely. Although several attempts such as dynamic fault tree (DFT), PANDORA, formal fault tree (FFT) and so on, have been made to overcome this problem, they can not still do absolute or actual time modeling because they adapt relative time concept and can capture only sequential behaviors of the system. Second drawback of conventional FTA is its lack of rigorous semantics. Because it is informal in nature, safety analysis results heavily depend on an analyst's ability and are error-prone. Finally reasoning process which is to check whether basic events really cause top events is done manually and hence very labor-intensive and timeconsuming for the complex systems. In this paper, we propose a new safety analysis method for complex safety critical system in qualitative manner. We introduce several temporal gates based on timed computational tree logic (TCTL) which can represent quantitative notion of time. Then, we translate the information of the fault trees into UPPAAL query language and the reasoning process is automatically done by UPPAAL which is the model checker for time critical system

Energy Management of Smart Distribution Systems

Science.gov (United States)

Ansari, Bananeh

Electric power distribution systems interface the end-users of electricity with the power grid. Traditional distribution systems are operated in a centralized fashion with the distribution system owner or operator being the only decision maker. The management and control architecture of distribution systems needs to gradually transform to accommodate the emerging smart grid technologies, distributed energy resources, and active electricity end-users or prosumers. The content of this document concerns with developing multi-task multi-objective energy management schemes for: 1) commercial/large residential prosumers, and 2) distribution system operator of a smart distribution system. The first part of this document describes a method of distributed energy management of multiple commercial/ large residential prosumers. These prosumers not only consume electricity, but also generate electricity using their roof-top solar photovoltaics systems. When photovoltaics generation is larger than local consumption, excess electricity will be fed into the distribution system, creating a voltage rise along the feeder. Distribution system operator cannot tolerate a significant voltage rise. ES can help the prosumers manage their electricity exchanges with the distribution system such that minimal voltage fluctuation occurs. The proposed distributed energy management scheme sizes and schedules each prosumer's ES to reduce the electricity bill and mitigate voltage rise along the feeder. The second part of this document focuses on emergency energy management and resilience assessment of a distribution system. The developed emergency energy management system uses available resources and redundancy to restore the distribution system's functionality fully or partially. The success of the restoration maneuver depends on how resilient the distribution system is. Engineering resilience terminology is used to evaluate the resilience of distribution system. The proposed emergency energy

Analysis of Aviation Safety Reporting System Incident Data Associated With the Technical Challenges of the Vehicle Systems Safety Technology Project

Science.gov (United States)

Withrow, Colleen A.; Reveley, Mary S.

2014-01-01

This analysis was conducted to support the Vehicle Systems Safety Technology (VSST) Project of the Aviation Safety Program (AVsP) milestone VSST4.2.1.01, "Identification of VSST-Related Trends." In particular, this is a review of incident data from the NASA Aviation Safety Reporting System (ASRS). The following three VSST-related technical challenges (TCs) were the focus of the incidents searched in the ASRS database: (1) Vechicle health assurance, (2) Effective crew-system interactions and decisions in all conditions; and (3) Aircraft loss of control prevention, mitigation, and recovery.

Safety balance: Analysis of safety systems

International Nuclear Information System (INIS)

Delage, M.; Giroux, C.

1990-12-01

Safety analysis, and particularly analysis of exploitation of NPPs is constantly affected by EDF and by the safety authorities and their methodologies. Periodic safety reports ensure that important issues are not missed on daily basis, that incidents are identified and that relevant actions are undertaken. French safety analysis method consists of three principal steps. First type of safety balance is analyzed at the normal start-up phase for each unit including the final safety report. This enables analysis of behaviour of units ten years after their licensing. Second type is periodic operational safety analysis performed during a few years. Finally, the third step consists of safety analysis of the oldest units with the aim to improve the safety standards. The three steps of safety analysis are described in this presentation in detail with the aim to present the objectives and principles. Examples of most recent exercises are included in order to illustrate the importance of such analyses

Improving safety margin of LWRs by rethinking the emergency core cooling system criteria and safety system capacity

Energy Technology Data Exchange (ETDEWEB)

Lee, Youho, E-mail: euo@kaist.ac.kr; Kim, Bokyung, E-mail: bkkim2@kaist.ac.kr; NO, Hee Cheon, E-mail: hcno@kaist.ac.kr

2016-10-15

Highlights: • Zircaloy embrittlement criteria can increase to 1370 °C for CP-ECR lower than 13%. • The draft ECCS criteria of U.S. NRC allow less than 5% in power margin. • The Japanese fracture-based criteria allow around 5% in power margin. • Increasing SIT inventory is effective in assuring safety margin for power uprates. - Abstract: This study investigates the engineering compatibility between emergency core cooling system criteria and safety water injection systems, in the pursuit of safety margin increase of light water reactors. This study proposes an acceptable temperature increase to 1370 °C as long as equivalent cladding reacted calculated by the Cathcart–Pawel equation is below 13%, after an extensive literature review. The influence of different ECCS criteria on the safety margin during large break loss of coolant accident is investigated for OPR-1000 by the system code MARS-KS, implemented with the KINS-REM method. The fracture-based emergency core cooling system (ECCS) criteria proposed in this study are shown to enable power margins up to 10%. In the meantime, the draft U.S. NRC’s embrittlement criteria (burnup-sensitive) and Japanese fracture-based criteria are shown to allow less than 5%, and around 5% of power margins, respectively. Increasing safety injection tank (SIT) water inventory is the key, yet convenient, way of assuring safety margin for power increase. More than 20% increase in the SIT water inventory is required to allow 15% power margins, for the U.S. NRC’s burnup-dependent embrittlement criteria. Controlling SIT water inventory would be a useful option that could allow the industrial desire to pursue power margins even under the recent atmosphere of imposing stricter ECCS criteria for the considerable burnup effects.

Thermal Distribution System | Energy Systems Integration Facility | NREL

Science.gov (United States)

Thermal Distribution System Thermal Distribution System The Energy Systems Integration Facility's . Photo of the roof of the Energy Systems Integration Facility. The thermal distribution bus allows low as 10% of its full load level). The 60-ton chiller cools water with continuous thermal control

Integrated environment, safety, and health management system description

International Nuclear Information System (INIS)

Zoghbi, J. G.

2000-01-01

The Integrated Environment, Safety, and Health Management System Description that is presented in this document describes the approach and management systems used to address integrated safety management within the Richland Environmental Restoration Project

A Nuclear Safety System based on Industrial Computer

International Nuclear Information System (INIS)

Kim, Ji Hyeon; Oh, Do Young; Lee, Nam Hoon; Kim, Chang Ho; Kim, Jae Hack

2011-01-01

The Plant Protection System(PPS), a nuclear safety Instrumentation and Control (I and C) system for Nuclear Power Plants(NPPs), generates reactor trip on abnormal reactor condition. The Core Protection Calculator System (CPCS) is a safety system that generates and transmits the channel trip signal to the PPS on an abnormal condition. Currently, these systems are designed on the Programmable Logic Controller(PLC) based system and it is necessary to consider a new system platform to adapt simpler system configuration and improved software development process. The CPCS was the first implementation using a micro computer in a nuclear power plant safety protection system in 1980 which have been deployed in Ulchin units 3,4,5,6 and Younggwang units 3,4,5,6. The CPCS software was developed in the Concurrent Micro5 minicomputer using assembly language and embedded into the Concurrent 3205 computer. Following the micro computer based CPCS, PLC based Common-Q platform has been used for the ShinKori/ShinWolsong units 1,2 PPS and CPCS, and the POSAFE-Q PLC platform is used for the ShinUlchin units 1,2 PPS and CPCS. In developing the next generation safety system platform, several factors (e.g., hardware/software reliability, flexibility, licensibility and industrial support) can be considered. This paper suggests an Industrial Computer(IC) based protection system that can be developed with improved flexibility without losing system reliability. The IC based system has the advantage of a simple system configuration with optimized processor boards because of improved processor performance and unlimited interoperability between the target system and development system that use commercial CASE tools. This paper presents the background to selecting the IC based system with a case study design of the CPCS. Eventually, this kind of platform can be used for nuclear power plant safety systems like the PPS, CPCS, Qualified Indication and Alarm . Pami(QIAS-P), and Engineering Safety

A Nuclear Safety System based on Industrial Computer

Energy Technology Data Exchange (ETDEWEB)

Kim, Ji Hyeon; Oh, Do Young; Lee, Nam Hoon; Kim, Chang Ho; Kim, Jae Hack [Korea Electric Power Corporation Engineering and Construction, Daejeon (Korea, Republic of)

2011-05-15

The Plant Protection System(PPS), a nuclear safety Instrumentation and Control (I and C) system for Nuclear Power Plants(NPPs), generates reactor trip on abnormal reactor condition. The Core Protection Calculator System (CPCS) is a safety system that generates and transmits the channel trip signal to the PPS on an abnormal condition. Currently, these systems are designed on the Programmable Logic Controller(PLC) based system and it is necessary to consider a new system platform to adapt simpler system configuration and improved software development process. The CPCS was the first implementation using a micro computer in a nuclear power plant safety protection system in 1980 which have been deployed in Ulchin units 3,4,5,6 and Younggwang units 3,4,5,6. The CPCS software was developed in the Concurrent Micro5 minicomputer using assembly language and embedded into the Concurrent 3205 computer. Following the micro computer based CPCS, PLC based Common-Q platform has been used for the ShinKori/ShinWolsong units 1,2 PPS and CPCS, and the POSAFE-Q PLC platform is used for the ShinUlchin units 1,2 PPS and CPCS. In developing the next generation safety system platform, several factors (e.g., hardware/software reliability, flexibility, licensibility and industrial support) can be considered. This paper suggests an Industrial Computer(IC) based protection system that can be developed with improved flexibility without losing system reliability. The IC based system has the advantage of a simple system configuration with optimized processor boards because of improved processor performance and unlimited interoperability between the target system and development system that use commercial CASE tools. This paper presents the background to selecting the IC based system with a case study design of the CPCS. Eventually, this kind of platform can be used for nuclear power plant safety systems like the PPS, CPCS, Qualified Indication and Alarm . Pami(QIAS-P), and Engineering Safety

The system of the measurement of reactor power and the monitoring of core power distribution

International Nuclear Information System (INIS)

Li Xianfeng

1999-01-01

The author mainly describes the measurement of the reactor power and the monitoring of the core power distribution in DAYA BAY nuclear power plant, introduces the calibration for the measurement system. Ex-core nuclear instrumentation system (RPN) and LOCA surveillance system (LSS) are the most important system for the object. they perform the measurement of the reactor power and the monitoring of the core power distribution on-line and timely. They also play the important roles in the reactor control and the reactor protection. For the same purpose there are test instrumentation system (KME) and in-core instrumentation system (RIC). All of them work together ensuring the exact measurement and effective monitoring, ensuring the safety of the reactor power plant

Optimal inspection and replacement periods of the safety system in Wolsung Nuclear Power Plant Unit 1 with an optimized cost perspective

International Nuclear Information System (INIS)

Jinil Mok; Poong Hyun Seong

1996-01-01

In this work, a model for determining the optimal inspection and replacement periods of the safety system in Wolsung Nuclear Power Plant Unit 1 is developed, which is to minimize economic loss caused by inadvertent trip and the system failure. This model uses cost benefit analysis method and the part for optimal inspection period considers the human error. The model is based on three factors as follows: (i) The cumulative failure distribution function of the safety system, (ii) The probability that the safety system does not operate due to failure of the system or human error when the safety system is needed at an emergency condition and (iii) The average probability that the reactor is tripped due to the failure of system components or human error. The model then is applied to evaluate the safety system in Wolsung Nuclear Power Plant Unit 1. The optimal replacement periods which are calculated with proposed model differ from those used in Wolsung NPP Unit 1 by about a few days or months, whereas the optimal inspection periods are in about the same range. (author)

Reliability analysis of Angra I safety systems

International Nuclear Information System (INIS)

Oliveira, L.F.S. de; Soto, J.B.; Maciel, C.C.; Gibelli, S.M.O.; Fleming, P.V.; Arrieta, L.A.

1980-07-01

An extensive reliability analysis of some safety systems of Angra I, are presented. The fault tree technique, which has been successfully used in most reliability studies of nuclear safety systems performed to date is employed. Results of a quantitative determination of the unvailability of the accumulator and the containment spray injection systems are presented. These results are also compared to those reported in WASH-1400. (E.G.) [pt

Design of the reactor coolant system and associated systems in nuclear power plants. Safety guide

International Nuclear Information System (INIS)

2008-01-01

This Safety Guide was prepared under the IAEA programme for establishing safety standards for nuclear power plants. The basic requirements for the design of safety systems for nuclear power plants are established in the Safety Requirements publication, Safety Standards Series No. NS-R-1 on Safety of Nuclear Power Plants: Design, which it supplements. This Safety Guide describes how the requirements for the design of the reactor coolant system (RCS) and associated systems in nuclear power plants should be met. 1.2. This publication is a revision and combination of two previous Safety Guides, Safety Series No. 50-SG-D6 on Ultimate Heat Sink and Directly Associated Heat Transport Systems for Nuclear Power Plants (1981), and Safety Series No. 50-SG-D13 on Reactor Coolant and Associated Systems in Nuclear Power Plants (1986), which are superseded by this new Safety Guide. 1.3. The revision takes account of developments in the design of the RCS and associated systems in nuclear power plants since the earlier Safety Guides were published in 1981 and 1986, respectively. The other objectives of the revision are to ensure consistency with Ref., issued in 2000, and to update the technical content. In addition, an appendix on pressurized heavy water reactors (PHWRs) has been included

Preliminary investigation on reliability assessment of passive safety system

International Nuclear Information System (INIS)

Huang Changfan; Kuang Bo

2012-01-01

The reliability evaluation of passive safety system plays an important part in probabilistic safety assessment (PSA) of nuclear power plant applying passive safety design, which depends quantitatively on reliabilities of passive safety system. According to the object of reliability assessment of passive safety system, relevant parameters are identified. Then passive system behavior during accident scenarios are studied. A practical example of this method is given for the case of reliability assessment of AP1000 passive heat removal system in loss of normal feedwater accident. Key and design parameters of PRHRS are identified and functional failure criteria are established. Parameter combinations acquired by Latin hyper~ cube sampling (LHS) in possible parametric ranges are input and calculations of uncertainty propagation through RELAP5/MOD3 code are carried out. Based on the calculations, sensitivity assessment on PRHRS functional criteria and reliability evaluation of the system are presented, which might provide further PSA with PRHR system reliability. (authors)

DESIGN PACKAGE 1E SYSTEM SAFETY ANALYSIS

Energy Technology Data Exchange (ETDEWEB)

M. Salem

1995-06-23

The purpose of this analysis is to systematically identify and evaluate hazards related to the Yucca Mountain Project Exploratory Studies Facility (ESF) Design Package 1E, Surface Facilities, (for a list of design items included in the package 1E system safety analysis see section 3). This process is an integral part of the systems engineering process; whereby safety is considered during planning, design, testing, and construction. A largely qualitative approach was used since a radiological System Safety Analysis is not required. The risk assessment in this analysis characterizes the accident scenarios associated with the Design Package 1E structures/systems/components(S/S/Cs) in terms of relative risk and includes recommendations for mitigating all identified risks. The priority for recommending and implementing mitigation control features is: (1) Incorporate measures to reduce risks and hazards into the structure/system/component design, (2) add safety devices and capabilities to the designs that reduce risk, (3) provide devices that detect and warn personnel of hazardous conditions, and (4) develop procedures and conduct training to increase worker awareness of potential hazards, on methods to reduce exposure to hazards, and on the actions required to avoid accidents or correct hazardous conditions.

A new concept of safety parameter display system

International Nuclear Information System (INIS)

Martinez, A.S.; Oliveira, L.F.S. de; Schirru, R.; Thome Filho, Z.D.; Silva, R.A. da.

1986-07-01

A general description of Angra-1 Parameter Display System (SSPA), a real time and on-line computerized monitoring system for the parameters related to the power plant safety is presented. This system has the main purpose of diminish the load on the Angra-1 power plant operators at an emergency event by supplying them with the additional tools serving as the basis for a prompt identification of the accident. The SSPA is a kind of safety parameter display system whose concept was introduced after Three Mile Island accident in USA. The SSPA comprises two nuclear applications independently considered. They are included into the Parameters Monitoring Integrated System (SIMP) and the safety critical function system (SFCS). (Author) [pt

Innovation research on the safety supervision system of nuclear and radiation safety in Jiangsu province

International Nuclear Information System (INIS)

Zhang Qihong; Lu Jigen; Zhang Ping; Wang Wanping; Dai Xia

2012-01-01

As the rapid development of nuclear technology, the safety supervision of nuclear and radiation becomes very important. The safety radiation frame system should be constructed, the safety super- vision ability for nuclear and radiation should be improved. How to implement effectively above mission should be a new subject of Provincial environmental protection department. Through investigating the innovation of nuclear and radiation supervision system, innovation of mechanism, innovation of capacity, innovation of informatization and so on, the provincial nuclear and radiation safety supervision model is proposed, and the safety framework of nuclear and radiation in Jiangsu is elementally established in the paper. (authors)

Block scale interpretation on the spatial distribution of the fracture system in the study sites

Energy Technology Data Exchange (ETDEWEB)

Kim, Kyung Su; Bae, Dae Seok; Kim, Chun Soo; Koh, Yong Kweon; Kim, Geon Young [Korea Atomic Energy Research Institute, Taejeon (Korea)

2002-05-01

The safety of waste disposal can be achieved by a complete isolation of radioactive wastes from biosphere or by a retardation of nuclide migration to reach an acceptable dose level. For the deep geological disposal of high-level radioactive waste, the potential pathways of nuclide primarily depend on the spatial distribution characteristics of conductive fractures in rock mass. This study aims to characterize the spatial distribution characteristics of regional lineaments and background fracture system in eastern and western-type granite rock mass. The spatial distribution characteristics of the fracture system around 500m depth has been estimated based on the homogeneous discontinuity domain except for the highly fractured upper zone. 6 refs., 16 figs., 7 tabs. (Author)

Development of the Advanced Nuclear Safety Information Management (ANSIM) System

Energy Technology Data Exchange (ETDEWEB)

Sohn, Jae Min; Ko, Young Cheol; Song, Tai Gil [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2012-05-15

Korea has become a technically independent nuclear country and has grown into an exporter of nuclear technologies. Thus, nuclear facilities are increasing in significance at KAERI (Korea Atomic Energy Research Institute), and it is time to address the nuclear safety. The importance of nuclear safety cannot be overemphasized. Therefore, a management system is needed urgently to manage the safety of nuclear facilities and to enhance the efficiency of nuclear information. We have established ISP (Information Strategy Planning) for the Integrated Information System of nuclear facility and safety management. The purpose of this paper is to develop a management system for nuclear safety. Therefore, we developed the Advanced Nuclear Safety Information Management system (hereinafter referred to as the 'ANSIM system'). The ANSIM system has been designed and implemented to computerize nuclear safety information for standardization, integration, and sharing in real-time. Figure 1 shows the main home page of the ANSIM system. In this paper, we describe the design requirements, contents, configurations, and utilizations of the ANSIM system

Development of a safety parameter supervision system for Angra-1

International Nuclear Information System (INIS)

Silva, R.A. da; Thome Filho, Z.D.; Schirru, R.; Martinez, A.S.; Oliveira, L.F.S. de

1986-01-01

The Safety Parameter Supervision System (SSPS) which is a computerized system for monitoring essential parameters in real time, determining the safety status and emergency procedures for returning normal reactor operation, in case of an anomaly occurrence, is presented. The SSPS consists of three sub-systems: Integrated parameter monitoring system which gives to operators an integrated vision of values of a parameter set, able to detect any deviation of normal reactor operation; safety critical function system which evaluates safety status in terms of a safety critical function set appointed in advance, and in case of violation of any critical function, it initiates the adequate emergency procedure to return normal operation; and safety parameter computer system which carries out the arquirement of analogic and digital control signals of nuclear power plant. (M.C.K.) [pt

Development of web-based safety review advisory system

International Nuclear Information System (INIS)

Kim, M. W.; Lee, H. C.; Park, S. O.; Lee, K. H.; Hur, K. Y.; Lee, S. J.; Choi, S. S.; Kang, C. M.

2002-01-01

For the development of an expert system supporting the safety review of nuclear power plants, the application was implemented after gathering necessary theoretical background and practical requirements. The general and the detail functional specifications were established, and they are investigated by KINS (Korea Institute of Nuclear Safety). The Safety Review Advisory System(SRAS), this application on web-server environment was developed according to the above specifications. Reviews can do their safety reviewing regardless of their speciality or reviewing experiences because SRAS is operated by the safety review plans which are converted to standardized format. When the safety reviewing is carried out by using SRAS, the results of safety reviewing are accumulated in the database and may be utilized later usefully, and we can grasp safety reviewing progress. Users of SRAS are categorized into four groups, administrator, project manager, project reviewer and general reviewer. Each user group is delegated appropriate access capability. The function and some screen shots of SRAS are described

Technical features of ABWR safety systems

International Nuclear Information System (INIS)

Sugisaki, Toshihiko; Tominaga, Kenji; Horiuchi, Tetsuo

1986-01-01

The engineering safety facilities of ABWRs have been disigned so as to have many excellent characteristics such as safety, reliability and economy, reflecting the merit of adopting new technology such as internal pumps and new control rod driving mechanism, and coupled with the safety peculiar to BWRs. In this paper, about ECCS, containment vessels and others which compose the engineering safety facilities of ABWRs, the characteristics related to the safety owing to the adoption of internal pumps and others, and the evaluation of the performance at the time of various accidents are discussed. As the results of safety evaluation, it was clarified that due to the safety peculiar to ABWRs and the characteristics of the safety facilities, the large increases of safety, reliability and economy have been planned in the ABWRs, and for example, core flooding can be maintained even at the time of a hypothetical loss of coolant accident. BWRs have the simple system constitution, good self controllability, large natural circulation ability, simple operation control method and excellent ability of confining heat and radioactivity. BWRs have three safety functions to stop reactors, to remove heat from reactors, and to confine radioactive substances. These functions of ABWRs were evaluated, and very high safety was confirmed. (Kako, I.)

Critical Characteristics of Radiation Detection System Components to be Dedicated for use in Safety Class and Safety Significant System

International Nuclear Information System (INIS)

DAVIS, S.J.

2000-01-01

This document identifies critical characteristics of components to be dedicated for use in Safety Significant (SS) Systems, Structures, or Components (SSCs). This document identifies the requirements for the components of the common, radiation area, monitor alarm in the WESF pool cell. These are procured as Commercial Grade Items (CGI), with the qualification testing and formal dedication to be performed at the Waste Encapsulation Storage Facility (WESF) for use in safety significant systems. System modifications are to be performed in accordance with the approved design. Components for this change are commercially available and interchangeable with the existing alarm configuration This document focuses on the operational requirements for alarm, declaration of the safety classification, identification of critical characteristics, and interpretation of requirements for procurement. Critical characteristics are identified herein and must be verified, followed by formal dedication, prior to the components being used in safety related applications

Design of an Active Automotive Safety System

Directory of Open Access Journals (Sweden)

Y. Wang

2013-07-01

Full Text Available With the development of the national economy, the people's standard of living got corresponding improvement, cars has been one of the indispensable traffic tools in many families. An active safety system is proposed, which can real-time detect the vehicle's running status and judge the security status of the vehicle. The system, which takes single-chip microcomputer as the controlling core and combines with millimeter-wave and ultrasonic distance measurement technology, can detect the distance from vehicle to vehicle and judge the security status of the vehicle. The hardware composition of the system and the data acquiring circuit are proposed, the mathematic model for different situation is established, and the controlling algorithm is completed. This system can accurately measure speed and distance between vehicles; the active safety control system can meet the relevant data measurement and transmission requirement; and can meet the functional requirement of the active safety control system

FY 1974 report on the results of the Sunshine Project. Study on a system to refine/transport/store hydrogen and the safety technology; 1974 nendo suiso no seisei yuso chozo system oyobi hoan gijjutsu ni kansuru kenkyu seika hokokusho

Energy Technology Data Exchange (ETDEWEB)

NONE

1975-05-31

This study aims at the following. As to an alternative plan of the hydrogen distribution system, this paper makes the comprehensive evaluation from viewpoints of possibility, adaptability to society, economical efficiency, reliability, dynamic characteristics, etc., selects the most rational system and picked up the problems for realization of the system. It also sets up standards for safety technology relating to the hydrogen energy system and acquires the basic knowledge/information on concrete disaster prevention technology which backs up the standards. Among those, in this fiscal year, as system analysis of the hydrogen distribution system, study was made on system analysis of the system alternative plan and problems on system realization. Next, as an investigational study on safety technology in hydrogen energy system, the paper conducted the survey/collection in Japan and abroad of the present law, standards for handling, and examples of disaster/accident in relation to hydrogen, and the survey research on the concrete safety problem predicted. The paper studied the technology related to the safety problem required for safety (survey of effects of impurities, measuring technology, technology to prevent leakage accidents, etc. ). (NEDO)

LOCA analysis of SCWR-M with passive safety system

Energy Technology Data Exchange (ETDEWEB)

Liu, X.J., E-mail: xiaojingliu@sjtu.edu.cn [School of Nuclear Science and Engineering, Shanghai Jiao Tong University, 800 Dong Chuan Road, Shanghai 200240 (China); Fu, S.W. [Navy University of Engineering, Wuhan, Hubei (China); Xu, Z.H. [Shanghai Nuclear Engineering Research and Design Institute, Shanghai (China); Yang, Y.H. [School of Nuclear Science and Engineering, Shanghai Jiao Tong University, 800 Dong Chuan Road, Shanghai 200240 (China); Cheng, X. [Institute of Fusion and Nuclear Technology, Karlsruhe Institute of Technology (KIT), Kaiserstr. 12, 76131 Karlsruhe (Germany)

2013-06-15

Highlights: • Application of the ATHLET-SC code to the trans-critical analysis for SCWR. • Development of a passive safety system for SCWR-M. • Analysis of hot/cold leg LOCA behaviour with different break size. • Introduction of some mitigation measures for SCWR-M -- Abstract: A new SCWR conceptual design (mixed spectrum supercritical water cooled reactor: SCWR-M) is proposed by Shanghai Jiao Tong University (SJTU). R and D activities covering core design, safety system design and code development of SCWR-M are launched at SJTU. Safety system design and analysis is one of the key tasks during the development of SCWR-M. Considering the current advanced reactor design, a new passive safety system for SCWR-M including isolation cooling system (ICS), accumulator injection system (ACC), gravity driven cooling system (GDCS) and automatic depressurization system (ADS) is proposed. Based on the modified and preliminarily assessed system code ATHLET-SC, loss of coolant accident (LOCA) analysis for hot and cold leg is performed in this paper. Three different break sizes are analyzed to clarify the hot and cold LOCA characteristics of the SCWR-M. The influence of the break location and break size on the safety performance of SCWR-M is also concluded. Several measures to induce the core coolant flow and to mitigate core heating up are also discussed. The results achieved so far demonstrate the feasibility of the proposed passive safety system to keep the SCWR-M core at safety condition during loss of coolant accident.

Passive safety systems for integral reactors

International Nuclear Information System (INIS)

Kuul, V.S.; Samoilov, O.B.

1996-01-01

In this paper, a wide range of passive safety systems intended for use on integral reactors is considered. The operation of these systems relies on natural processes and does not require external power supplies. Using these systems, there is the possibility of preventing serious consequences for all classes of accidents including reactivity, loss-of-coolant and loss of heat sink as well as severe accidents. Enhancement of safety system reliability has been achieved through the use of self-actuating devices, capable of providing passive initiation of protective and isolation systems, which respond immediately to variations in the physical parameters of the fluid in the reactor or in a guard vessel. For beyond design base accidents accompanied by complete loss of heat removal capability, autonomous self-actuated ERHR trains have been proposed. These trains are completely independent of the secondary loops and need no action to isolate them from the steam turbine plant. Passive safety principles have been consistently implemented in AST-500, ATETS-200 and VPBER 600 which are new generation NPPs developed by OKBM. Their main characteristic is enhanced stability over a wide range of internal and external emergency initiators. (author). 10 figs

Passive safety systems for integral reactors

Energy Technology Data Exchange (ETDEWEB)

Kuul, V S; Samoilov, O B [OKB Mechanical Engineering (Russian Federation)

1996-12-01

In this paper, a wide range of passive safety systems intended for use on integral reactors is considered. The operation of these systems relies on natural processes and does not require external power supplies. Using these systems, there is the possibility of preventing serious consequences for all classes of accidents including reactivity, loss-of-coolant and loss of heat sink as well as severe accidents. Enhancement of safety system reliability has been achieved through the use of self-actuating devices, capable of providing passive initiation of protective and isolation systems, which respond immediately to variations in the physical parameters of the fluid in the reactor or in a guard vessel. For beyond design base accidents accompanied by complete loss of heat removal capability, autonomous self-actuated ERHR trains have been proposed. These trains are completely independent of the secondary loops and need no action to isolate them from the steam turbine plant. Passive safety principles have been consistently implemented in AST-500, ATETS-200 and VPBER 600 which are new generation NPPs developed by OKBM. Their main characteristic is enhanced stability over a wide range of internal and external emergency initiators. (author). 10 figs.

Report of study group 5.4 remote operation of distribution networks; Rapport du comite de travail 5.4 distribution du gaz: exploitation a distance des reseaux de distribution

Energy Technology Data Exchange (ETDEWEB)

Spohn, D.; Osiadacz, A.

2000-07-01

This study by the IGU WOC 5.4 reviews, at a management level, the application of remote monitoring and control systems for distribution networks. Gas distribution companies have to carefully balance the safety, quality, economic and financial aspects of managing geographically distributed assets to meet customer needs. Remote systems are a key tool in meeting these objectives. A questionnaire was developed to identify the key drives for the selection of remote monitoring and control systems, high level company parameters and current technologies in use. The field in questionnaires received by the WOC 5.4 show that monitoring equipment and remote control systems for gas distribution in various configurations are commonly utilized by the firms operating in this field. The reason why the firms themselves did adopt a remote control system mainly depends on safety as well as on a reduction of operating costs due to reduction in the personnel and related overheads associated with the management of the system. (authors)

Safety of emerging nuclear energy systems

International Nuclear Information System (INIS)

Novikov, V.M.; Slesarev, I.S.

1989-01-01

The first stage of world nuclear power development based on light water fission reactors has demonstrated not only rather high rate but at the same time too optimistic attitude to safety problems. Large accidents at Three Mile Island and Chernobyl essentially affects the concept of NP development. As a result the safety and social acceptance of NP became of absolute priority among other problems. That's why emerging nuclear power systems should be first of all estimated from this point of view. In the paper some quantitative criteria of safety derived from estimations of social risk and economic-ecological damage from hypothetical accidents are formulated. On the base of these criteria we define two stages of possible way to meet safety demands: first--development of high safety fission reactors and second--that of asymptotic high safety ENEs. The limits of tolorated expenses for safety are regarded. The basis physical factors determining hazards of NES accidents are considered. This permits to classify the ways of safety demands fulfillment due to physical principals used

Development of Network Protocol for the Integrated Safety System

Energy Technology Data Exchange (ETDEWEB)

Park, S. W.; Baek, J. I.; Lee, S. H.; Park, C. S.; Park, K. H.; Shin, J. M. [Hannam Univ., Daejeon (Korea, Republic of)

2007-06-15

Communication devices in the safety system of nuclear power plants are distinguished from those developed for commercial purposes in terms of a strict requirement of safety. The concept of safety covers the determinability, the reliability, and the separation/isolation to prevent the undesirable interactions among devices. The safety also requires that these properties be never proof less. Most of the current commercialized communication products rarely have the safety properties. Moreover, they can be neither verified nor validated to satisfy the safety property of implementation process. This research proposes the novel architecture and protocol of a data communication network for the safety system in nuclear power plants.

Development of Network Protocol for the Integrated Safety System

International Nuclear Information System (INIS)

Park, S. W.; Baek, J. I.; Lee, S. H.; Park, C. S.; Park, K. H.; Shin, J. M.

2007-06-01

Communication devices in the safety system of nuclear power plants are distinguished from those developed for commercial purposes in terms of a strict requirement of safety. The concept of safety covers the determinability, the reliability, and the separation/isolation to prevent the undesirable interactions among devices. The safety also requires that these properties be never proof less. Most of the current commercialized communication products rarely have the safety properties. Moreover, they can be neither verified nor validated to satisfy the safety property of implementation process. This research proposes the novel architecture and protocol of a data communication network for the safety system in nuclear power plants

The passive safety systems of the Swr 1000

International Nuclear Information System (INIS)

Neumann, D.

2001-01-01

In recent years, a new boiling water reactor (BWR) plant called the SWR 1000 has been developed by Siemens on behalf of Germany's electric utilities. This new plant design concept incorporates the wide range of operating experience gained with German BWRs. The main objective behind developing the SWR 1000 was to design a plant with a rated electric output of approximately 1000 MW which would not only have a lower capital cost and lower power generating costs but would also provide a much higher level of nuclear safety compared to plants currently in operation. This safety-related goal has been met through, for example, the use of passive safety equipment. Passive systems make a significant contribution towards increasing the over-all level of plant safety due to the way in which they operate. They function solely accord-ing to basic laws of nature, such as gravity, and perform their designated functions with-out any need for electric power or other sources of external energy, or signals from instrumentation and control (I and C) equipment. The passive safety systems have been designed such that design basis accidents can be controlled using just these systems alone. However, the design concept of the SWR 1000 is nevertheless still based on the provision of active safety systems in addition to passive systems. (author)

Optimal Design of Safety Instrumented Systems for Pressure Control of Methanol Separation Columns in the Bisphenol a Manufacturing Process

Directory of Open Access Journals (Sweden)

In-Bok Lee

2016-12-01

Full Text Available A bisphenol A production plant possesses considerable potential risks in the top of the methanol separation column, as pressurized acetone, methanol, and water are processed at an elevated temperature, especially in the event of an abnormal pressure increase due to a sudden power outage. This study assesses the potential risks in the methanol separation column through hazard and operability assessments and evaluates the damages in the case of fire and explosion accident scenarios. The study chooses three leakage scenarios: a 5-mm puncture on the methanol separation column, a 50-mm diameter fracture of a discharge pipe and a catastrophic rupture, and, simulated using Phast (Ver. 6.531, the concentration distribution of scattered methanol, thermal radiation distribution of fires, and overpressure distribution of vapor cloud explosions. Implementation of a safety-instrumented system equipped with two-out-of-three voting as a safety measure can detect overpressure at the top of the column and shut down the main control valve and the emergency shutoff valve simultaneously. By applying a safety integrity level of three, the maximal release volume of the safety relief valve can be reduced and, therefore, the design capacity of the flare stack can also be reduced. Such integration will lead to improved safety at a reduced cost.

Distributed systems

CERN Document Server

Van Steen, Maarten

2017-01-01

For this third edition of "Distributed Systems," the material has been thoroughly revised and extended, integrating principles and paradigms into nine chapters: 1. Introduction 2. Architectures 3. Processes 4. Communication 5. Naming 6. Coordination 7. Replication 8. Fault tolerance 9. Security A separation has been made between basic material and more specific subjects. The latter have been organized into boxed sections, which may be skipped on first reading. To assist in understanding the more algorithmic parts, example programs in Python have been included. The examples in the book leave out many details for readability, but the complete code is available through the book's Website, hosted at www.distributed-systems.net.

Drinking Water Distribution Systems

Science.gov (United States)

Learn about an overview of drinking water distribution systems, the factors that degrade water quality in the distribution system, assessments of risk, future research about these risks, and how to reduce cross-connection control risk.

Survey of systems safety analysis methods and their application to nuclear waste management systems

International Nuclear Information System (INIS)

Pelto, P.J.; Winegardner, W.K.; Gallucci, R.H.V.

1981-11-01

This report reviews system safety analysis methods and examines their application to nuclear waste management systems. The safety analysis methods examined include expert opinion, maximum credible accident approach, design basis accidents approach, hazard indices, preliminary hazards analysis, failure modes and effects analysis, fault trees, event trees, cause-consequence diagrams, G0 methodology, Markov modeling, and a general category of consequence analysis models. Previous and ongoing studies on the safety of waste management systems are discussed along with their limitations and potential improvements. The major safety methods and waste management safety related studies are surveyed. This survey provides information on what safety methods are available, what waste management safety areas have been analyzed, and what are potential areas for future study

Survey of systems safety analysis methods and their application to nuclear waste management systems

Energy Technology Data Exchange (ETDEWEB)

Pelto, P.J.; Winegardner, W.K.; Gallucci, R.H.V.

1981-11-01

This report reviews system safety analysis methods and examines their application to nuclear waste management systems. The safety analysis methods examined include expert opinion, maximum credible accident approach, design basis accidents approach, hazard indices, preliminary hazards analysis, failure modes and effects analysis, fault trees, event trees, cause-consequence diagrams, G0 methodology, Markov modeling, and a general category of consequence analysis models. Previous and ongoing studies on the safety of waste management systems are discussed along with their limitations and potential improvements. The major safety methods and waste management safety related studies are surveyed. This survey provides information on what safety methods are available, what waste management safety areas have been analyzed, and what are potential areas for future study.

Overview of Risk Mitigation for Safety-Critical Computer-Based Systems

Science.gov (United States)

Torres-Pomales, Wilfredo

2015-01-01

This report presents a high-level overview of a general strategy to mitigate the risks from threats to safety-critical computer-based systems. In this context, a safety threat is a process or phenomenon that can cause operational safety hazards in the form of computational system failures. This report is intended to provide insight into the safety-risk mitigation problem and the characteristics of potential solutions. The limitations of the general risk mitigation strategy are discussed and some options to overcome these limitations are provided. This work is part of an ongoing effort to enable well-founded assurance of safety-related properties of complex safety-critical computer-based aircraft systems by developing an effective capability to model and reason about the safety implications of system requirements and design.

Simplified safety and containment systems for the iris reactor

International Nuclear Information System (INIS)

Conway, L.E.; Lombardi, C.; Ricotti, M.; Oriani, L.

2001-01-01

The IRIS (International Reactor Innovative and Secure) is a 100 - 300 MW modular type pressurized water reactor supported by the U.S. DOE NERI Program. IRIS features a long-life core to provide proliferation resistance and to reduce the volume of spent fuel, as well as reduce maintenance requirements. IRIS utilizes an integral reactor vessel that contains all major primary system components. This integral reactor vessel makes it possible to reduce containment size; making the IRIS more cost competitive. IRIS is being designed to enhance reactor safety, and therefore a key aspect of the IRIS program is the development of the safety and containment systems. These systems are being designed to maximize containment integrity, prevent core uncover following postulated accidents, minimize the probability and consequences of severe accidents, and provide a significant simplification over current safety system designs. The design of the IRIS containment and safety systems has been identified and preliminary analyses have been completed. The IRIS safety concept employs some unique features that minimize the consequences of postulated design basis events. This paper will provide a description of the containment design and safety systems, and will summarize the analysis results. (author)

Autonomous system for launch vehicle range safety

Science.gov (United States)

Ferrell, Bob; Haley, Sam

2001-02-01

The Autonomous Flight Safety System (AFSS) is a launch vehicle subsystem whose ultimate goal is an autonomous capability to assure range safety (people and valuable resources), flight personnel safety, flight assets safety (recovery of valuable vehicles and cargo), and global coverage with a dramatic simplification of range infrastructure. The AFSS is capable of determining current vehicle position and predicting the impact point with respect to flight restriction zones. Additionally, it is able to discern whether or not the launch vehicle is an immediate threat to public safety, and initiate the appropriate range safety response. These features provide for a dramatic cost reduction in range operations and improved reliability of mission success. .

System code improvements for modelling passive safety systems and their validation

Energy Technology Data Exchange (ETDEWEB)

Buchholz, Sebastian; Cron, Daniel von der; Schaffrath, Andreas [Gesellschaft fuer Anlagen- und Reaktorsicherheit (GRS) gGmbH, Garching (Germany)

2016-11-15

GRS has been developing the system code ATHLET over many years. Because ATHLET, among other codes, is widely used in nuclear licensing and supervisory procedures, it has to represent the current state of science and technology. New reactor concepts such as Generation III+ and IV reactors and SMR are using passive safety systems intensively. The simulation of passive safety systems with the GRS system code ATHLET is still a big challenge, because of non-defined operation points and self-setting operation conditions. Additionally, the driving forces of passive safety systems are smaller and uncertainties of parameters have a larger impact than for active systems. This paper addresses the code validation and qualification work of ATHLET on the example of slightly inclined horizontal heat exchangers, which are e. g. used as emergency condensers (e. g. in the KERENA and the CAREM) or as heat exchanger in the passive auxiliary feed water systems (PAFS) of the APR+.

Distributed security in closed distributed systems

DEFF Research Database (Denmark)

Hernandez, Alejandro Mario

properties. This is also restricted to distributed systems in which the set of locations is known a priori. All this follows techniques borrowed from both the model checking and the static analysis communities. In the end, we reach a step towards solving the problem of enforcing security in distributed...... systems. We achieve the goal of showing how this can be done, though we restrict ourselves to closed systems and with a limited set of enforceable security policies. In this setting, our approach proves to be efficient. Finally, we achieve all this by bringing together several fields of Computer Science......The goal of the present thesis is to discuss, argue and conclude about ways to provide security to the information travelling around computer systems consisting of several known locations. When developing software systems, security of the information managed by these plays an important role...

Aviation Safety Hotline Information System -

Data.gov (United States)

Department of Transportation — The Aviation Safety Hotline Information System (ASHIS) collects, stores, and retrieves reports submitted by pilots, mechanics, cabin crew, passengers, or the public...

Total Quality Management and the System Safety Secretary

Science.gov (United States)

Elliott, Suzan E.

1993-01-01

The system safety secretary is a valuable member of the system safety team. As downsizing occurs to meet economic constraints, the Total Quality Management (TQM) approach is frequently adopted as a formula for success and, in some cases, for survival.

Distribution system modeling and analysis

CERN Document Server

Kersting, William H

2001-01-01

For decades, distribution engineers did not have the sophisticated tools developed for analyzing transmission systems-often they had only their instincts. Things have changed, and we now have computer programs that allow engineers to simulate, analyze, and optimize distribution systems. Powerful as these programs are, however, without a real understanding of the operating characteristics of a distribution system, engineers using the programs can easily make serious errors in their designs and operating procedures. Distribution System Modeling and Analysis helps prevent those errors. It gives readers a basic understanding of the modeling and operating characteristics of the major components of a distribution system. One by one, the author develops and analyzes each component as a stand-alone element, then puts them all together to analyze a distribution system comprising the various shunt and series devices for power-flow and short-circuit studies. He includes the derivation of all models and includes many num...

Reactivity requirements and safety systems for heavy water reactors

International Nuclear Information System (INIS)

Kati, S.L.; Rustagi, R.S.

1977-01-01

The natural uranium fuelled pressurised heavy water reactors are currently being installed in India. In the design of nuclear reactors, adequate attention has to be given to the safety systems. In recent years, several design modifications having bearing on safety, in the reactor processes, protective and containment systems have been made. These have resulted either from new trends in safety and reliability standards or as a result of feed-back from operating reactors of this type. The significant areas of modifications that have been introduced in the design of Indian PHWR's are: sophisticated theoretical modelling of reactor accidents, reactivity control, two independent fast acting systems, full double containment and improved post-accident depressurisation and building clean-up. This paper brings out the evolution of design of safety systems for heavy water reactors. A short review of safety systems which have been used in different heavy water reactors, of varying sizes, has been made. In particular, the safety systems selected for the latest 235 MWe twin reactor unit station in Narora, in Northern India, have been discussed in detail. Research and Development efforts made in this connection are discussed. The experience of design and operation of the systems in Rajasthan and Kalpakkam reactors has also been outlined

A distribution management system

Energy Technology Data Exchange (ETDEWEB)

Jaerventausta, P; Verho, P; Kaerenlampi, M; Pitkaenen, M [Tampere Univ. of Technology (Finland); Partanen, J [Lappeenranta Univ. of Technology (Finland)

1998-08-01

The development of new distribution automation applications is considerably wide nowadays. One of the most interesting areas is the development of a distribution management system (DMS) as an expansion to the traditional SCADA system. At the power transmission level such a system is called an energy management system (EMS). The idea of these expansions is to provide supporting tools for control center operators in system analysis and operation planning. Nowadays the SCADA is the main computer system (and often the only) in the control center. However, the information displayed by the SCADA is often inadequate, and several tasks cannot be solved by a conventional SCADA system. A need for new computer applications in control center arises from the insufficiency of the SCADA and some other trends. The latter means that the overall importance of the distribution networks is increasing. The slowing down of load-growth has often made network reinforcements unprofitable. Thus the existing network must be operated more efficiently. At the same time larger distribution areas are for economical reasons being monitored at one control center and the size of the operation staff is decreasing. The quality of supply requirements are also becoming stricter. The needed data for new applications is mainly available in some existing systems. Thus the computer systems of utilities must be integrated. The main data source for the new applications in the control center are the AM/FM/GIS (i.e. the network database system), the SCADA, and the customer information system (CIS). The new functions can be embedded in some existing computer system. This means a strong dependency on the vendor of the existing system. An alternative strategy is to develop an independent system which is integrated with other computer systems using well-defined interfaces. The latter approach makes it possible to use the new applications in various computer environments, having only a weak dependency on the

Financial Effect of a Drug Distribution Model Change on a Health System.

Science.gov (United States)

Turingan, Erin M; Mekoba, Bijan C; Eberwein, Samuel M; Roberts, Patricia A; Pappas, Ashley L; Cruz, Jennifer L; Amerine, Lindsey B

2017-06-01

Background: Drug manufacturers change distribution models based on patient safety and product integrity needs. These model changes can limit health-system access to medications, and the financial impact on health systems can be significant. Objective: The primary aim of this study was to determine the health-system financial impact of a manufacturer's change from open to limited distribution for bevacizumab (Avastin), rituximab (Rituxan), and trastuzumab (Herceptin). The secondary aim was to identify opportunities to shift administration to outpatient settings to support formulary change. Methods: To assess the financial impact on the health system, the cost minus discount was applied to total drug expenditure during a 1-year period after the distribution model change. The opportunity analysis was conducted for three institutions within the health system through chart review of each inpatient administration. Opportunity cost was the sum of the inpatient administration cost and outpatient administration margin. Results: The total drug expenditure for the study period was $26 427 263. By applying the cost minus discount, the financial effect of the distribution model change was $1 393 606. A total of 387 administrations were determined to be opportunities to be shifted to the outpatient setting. During the study period, the total opportunity cost was $1 766 049. Conclusion: Drug expenditure increased for the health system due to the drug distribution model change and loss of cost minus discount. The opportunity cost of shifting inpatient administrations could offset the increase in expenditure. It is recommended to restrict bevacizumab, rituximab, and trastuzumab through Pharmacy & Therapeutics Committees to outpatient use where clinically appropriate.

Safety implications of control systems

International Nuclear Information System (INIS)

Smith, O.L.

1983-01-01

The Safety Implications of Control Systems Program has three major activities in support of USI-A47. The first task is a failure mode and effects analysis of all plant systems which may potentially induce control system disturbance that have safety implications. This task has made a preliminary study of overfill events and recommended cases for further analysis on the hybrid simulator. Work continues on overcooling and undercooling. A detailed investigation of electric power network is in progress. LERs are providing guidance on important failure modes that will provide initial conditions for further simulator studies. The simulator taks is generating a detailed model of the control system supported by appropriate neutronics, hydraulics, and thermodynamics submodels of all other principal plant components. The simulator is in the last stages of development. Checkout calculations are in progress to establish model stability, robustness, and qualitative credibility. Verification against benchmark codes and plant data will follow

The micro-processor controlled process radiation monitoring system for reactor safety systems

International Nuclear Information System (INIS)

Mizuno, K.; Noguchi, A.; Kumagami, S.; Gotoh, Y.; Kumahara, T.; Arita, S.

1986-01-01

Digital computers are soon expected to be applied to various real-time safety and safety-related systems in nuclear power plants. Hitachi is now engaged in the development of a micro-processor controlled process radiation monitoring system, which operates on digital processing methods employed with a log ratemeter. A newly defined methodology of design and test procedures is being applied as a means of software program verification for these safety systems. Recently implemented micro-processor technology will help to achieve an advanced man-machine interface and highly reliable performance. (author)

SBO simulations for Integrated Passive Safety System (IPSS) using MARS

International Nuclear Information System (INIS)

Kim, Sang Ho; Jeong, Sung Yeop; Chang, Soon Heung

2012-01-01

The current nuclear power plants have lots of active safety systems with some passive safety systems. The safety of current and future nuclear power plants can be enhanced by the application of additional passive safety systems for the ultimate safety. It is helpful to install the passive safety systems on current nuclear power plants without the design change for the licensibility. For solving the problem about the system complexity shown in the Fukushima accidents, the current nuclear power plants are needed to be enhanced by an additional integrated and simplified system. As a previous research, the integrated passive safety system (IPSS) was proposed to solve the safety issues related with the decay heat removal, containment integrity and radiation release. It could be operated by natural phenomena like gravity, natural circulation and pressure difference without AC power. The five main functions of IPSS are: (a) Passive decay heat removal, (b) Passive emergency core cooling, (c) Passive containment cooling, (d) Passive in vessel retention and ex-vessel cooling, and (e) Filtered venting and pressure control. The purpose of this research is to analyze the performances of each function by using MARS code. The simulated accident scenarios were station black out (SBO) and the additional accidents accompanied by SBO

Development of web-based safety review advisory system

International Nuclear Information System (INIS)

Kim, M. W.; Hur, K. Y.; Lee, S. J.; Choi, S. J.

2002-01-01

For the development of an expert system supporting the safety review of nuclear power plants, the application was implemented after gathering necessary theoretical background and practical requirements. The general and the detail functional specifications were established, and they are investigated by KINS. Safety Review Advisory System (SRAS), this application on web-server environment was developed according to the above specifications. Reviews can do their safety reviewing regardless of their speciality or reviewing experiences because SRAS is operated by the safety review plans which are converted to standardized format. When the safety reviewing is carried out by using SRAS, the results of safety reviewing are accumulated in the database and may be utilized later usefully, and we can grasp safety reviewing progress. Users of SRAS are categorized into four groups, administrator, project manager, project reviewer and general reviewer. Each user group is delegated appropriate access capability. The function and some screen shots of SRAS are described

Towards predictive cardiovascular safety : a systems pharmacology approach

NARCIS (Netherlands)

Snelder, Nelleke

2014-01-01