Safety analysis of accident localization system

International Nuclear Information System (INIS)

1999-01-01

A complex safety analysis of accident localization system of Ignalina NPP was performed. Calculation results obtained, results of non-destruct ing testing and experimental data of reinforced concrete testing of buildings does not revealed deficiencies of buildings of accident localization system at unit 1 of Ignalina NPP. Calculations were performed using codes NEPTUNE, ALGOR, CONTAIN

Analysis approach for common cause failure on non-safety digital control system

Energy Technology Data Exchange (ETDEWEB)

Kim, Yun Goo; Oh, Eungse [Korea Hydro and Nuclear Power Co. Ltd., Daejeon (Korea, Republic of)

2014-05-15

The effects of common cause failure (CCF) on safety digital instrumentation and control (I and C) system had been considered in defense in depth and diversity coping analysis with safety analysis method. For the non-safety system, single failure had been considered for safety analysis. IEEE Std. 603-1991, Clause 5.6.3.1(2), 'Isolation' states that no credible failure on the non-safety side of an isolation device shall prevent any portion of a safety system from meeting its minimum performance requirements during and following any design basis event requiring that safety function. The software CCF is one of the credible failure on the non-safety side. In advanced digital I and C system, same hardware component is used for different control system and the defect in manufacture or common external event can generate CCF. Moreover, the non-safety I and C system uses complex software for its various function and software quality assurance for the development process is less severe than safety software for the cost effective design. Therefore the potential defects in software cannot be ignored and the effect of software CCF on non-safety I and C system is needed to be evaluated. This paper proposes the general process and considerations for the analysis of CCF on non-safety I and C system.

K West integrated water treatment system subproject safety analysis document

International Nuclear Information System (INIS)

SEMMENS, L.S.

1999-01-01

This Accident Analysis evaluates unmitigated accident scenarios, and identifies Safety Significant and Safety Class structures, systems, and components for the K West Integrated Water Treatment System

K West integrated water treatment system subproject safety analysis document

Energy Technology Data Exchange (ETDEWEB)

SEMMENS, L.S.

1999-02-24

This Accident Analysis evaluates unmitigated accident scenarios, and identifies Safety Significant and Safety Class structures, systems, and components for the K West Integrated Water Treatment System.

Qualitative safety analysis in accelerator based systems

International Nuclear Information System (INIS)

Sarkar, P.K.; Chowdhury, Lekha M.

2006-01-01

In recent developments connected to high energy and high current accelerators, the accelerator driven systems (ADS) and the Radioactive Ion Beam (RIB) facilities come in the forefront of application. For medical and industrial applications high current accelerators often need to be located in populated areas. These facilities pose significant radiological hazard during their operation and accidental situations. We have done a qualitative evaluation of radiological safety analysis using the probabilistic safety analysis (PSA) methods for accelerator-based systems. The major contribution to hazard comes from a target rupture scenario in both ADS and RIB facilities. Other significant contributors to hazard in the facilities are also discussed using fault tree and event tree methodologies. (author)

Status of generic actions items and safety analysis system of PHWR

Energy Technology Data Exchange (ETDEWEB)

Park, Joo Hwan; Min, Byung Joo

2001-05-01

This report described the review results of a GAIs(Generic Action Item) currently issued on safety analysis of PHWR(Pressurized Heavy Water Reactor) and the research activities and positions to solve the GAIs in each country which possess PHWRs. eviewing the Final Safety Analysis Report for Wolsong-2/3/4 Units, the safety analysis methodology, classification for accident scenarios, safety analysis codes, their interface, etc.. were described. From the present review report, it is intended to establish the CANDU safety analysis system by providing the better understandings and development plans for the safety analysis of PHWR. esults.

System safety analysis of an autonomous mobile robot

International Nuclear Information System (INIS)

Bartos, R.J.

1994-01-01

Analysis of the safety of operating and maintaining the Stored Waste Autonomous Mobile Inspector (SWAMI) II in a hazardous environment at the Fernald Environmental Management Project (FEMP) was completed. The SWAMI II is a version of a commercial robot, the HelpMate trademark robot produced by the Transitions Research Corporation, which is being updated to incorporate the systems required for inspecting mixed toxic chemical and radioactive waste drums at the FEMP. It also has modified obstacle detection and collision avoidance subsystems. The robot will autonomously travel down the aisles in storage warehouses to record images of containers and collect other data which are transmitted to an inspector at a remote computer terminal. A previous study showed the SWAMI II has economic feasibility. The SWAMI II will more accurately locate radioactive contamination than human inspectors. This thesis includes a System Safety Hazard Analysis and a quantitative Fault Tree Analysis (FTA). The objectives of the analyses are to prevent potentially serious events and to derive a comprehensive set of safety requirements from which the safety of the SWAMI II and other autonomous mobile robots can be evaluated. The Computer-Aided Fault Tree Analysis (CAFTA copyright) software is utilized for the FTA. The FTA shows that more than 99% of the safety risk occurs during maintenance, and that when the derived safety requirements are implemented the rate of serious events is reduced to below one event per million operating hours. Training and procedures in SWAMI II operation and maintenance provide an added safety margin. This study will promote the safe use of the SWAMI II and other autonomous mobile robots in the emerging technology of mobile robotic inspection

System analysis of vehicle active safety problem

Science.gov (United States)

Buznikov, S. E.

2018-02-01

The problem of the road transport safety affects the vital interests of the most of the population and is characterized by a global level of significance. The system analysis of problem of creation of competitive active vehicle safety systems is presented as an interrelated complex of tasks of multi-criterion optimization and dynamic stabilization of the state variables of a controlled object. Solving them requires generation of all possible variants of technical solutions within the software and hardware domains and synthesis of the control, which is close to optimum. For implementing the task of the system analysis the Zwicky “morphological box” method is used. Creation of comprehensive active safety systems involves solution of the problem of preventing typical collisions. For solving it, a structured set of collisions is introduced with its elements being generated also using the Zwicky “morphological box” method. The obstacle speed, the longitudinal acceleration of the controlled object and the unpredictable changes in its movement direction due to certain faults, the road surface condition and the control errors are taken as structure variables that characterize the conditions of collisions. The conditions for preventing typical collisions are presented as inequalities for physical variables that define the state vector of the object and its dynamic limits.

Safety analysis fundamentals

International Nuclear Information System (INIS)

Wright, A.C.D.

2002-01-01

This paper discusses the safety analysis fundamentals in reactor design. This study includes safety analysis done to show consequences of postulated accidents are acceptable. Safety analysis is also used to set design of special safety systems and includes design assist analysis to support conceptual design. safety analysis is necessary for licensing a reactor, to maintain an operating license, support changes in plant operations

Linking Safety Analysis to Safety Requirements

DEFF Research Database (Denmark)

Hansen, Kirsten Mark

Software for safety critical systems must deal with the hazards identified by safety analysistechniques: Fault trees, event trees,and cause consequence diagrams can be interpreted as safety requirements and used in the design activity. We propose that the safety analysis and the system design use...

Analysis Method of Common Cause Failure on Non-safety Digital Control System

Energy Technology Data Exchange (ETDEWEB)

Kim, Yun Goo; Oh, Eun Gse [KHNP, Daejeon (Korea, Republic of)

2014-08-15

The effects of common cause failure on safety digital instrumentation and control system had been considered in defense in depth analysis with safety analysis method. However, the effects of common cause failure on non-safety digital instrumentation and control system also should be evaluated. The common cause failure can be included in credible failure on the non-safety system. In the I and C architecture of nuclear power plant, many design feature has been applied for the functional integrity of control system. One of that is segmentation. Segmentation defenses the propagation of faults in the I and C architecture. Some of effects from common cause failure also can be limited by segmentation. Therefore, in this paper there are two type of failure mode, one is failures in one control group which is segmented, and the other is failures in multiple control group because that the segmentation cannot defense all effects from common cause failure. For each type, the worst failure scenario is needed to be determined, so the analysis method has been proposed in this paper. The evaluation can be qualitative when there is sufficient justification that the effects are bounded in previous safety analysis. When it is not bounded in previous safety analysis, additional analysis should be done with conservative assumptions method of previous safety analysis or best estimation method with realistic assumptions.

Software safety analysis techniques for developing safety critical software in the digital protection system of the LMR

Energy Technology Data Exchange (ETDEWEB)

Lee, Jang Soo; Cheon, Se Woo; Kim, Chang Hoi; Sim, Yun Sub

2001-02-01

This report has described the software safety analysis techniques and the engineering guidelines for developing safety critical software to identify the state of the art in this field and to give the software safety engineer a trail map between the code and standards layer and the design methodology and documents layer. We have surveyed the management aspects of software safety activities during the software lifecycle in order to improve the safety. After identifying the conventional safety analysis techniques for systems, we have surveyed in details the software safety analysis techniques, software FMEA(Failure Mode and Effects Analysis), software HAZOP(Hazard and Operability Analysis), and software FTA(Fault Tree Analysis). We have also surveyed the state of the art in the software reliability assessment techniques. The most important results from the reliability techniques are not the specific probability numbers generated, but the insights into the risk importance of software features. To defend against potential common-mode failures, high quality, defense-in-depth, and diversity are considered to be key elements in digital I and C system design. To minimize the possibility of CMFs and thus increase the plant reliability, we have provided D-in-D and D analysis guidelines.

Software safety analysis techniques for developing safety critical software in the digital protection system of the LMR

International Nuclear Information System (INIS)

Lee, Jang Soo; Cheon, Se Woo; Kim, Chang Hoi; Sim, Yun Sub

2001-02-01

This report has described the software safety analysis techniques and the engineering guidelines for developing safety critical software to identify the state of the art in this field and to give the software safety engineer a trail map between the code and standards layer and the design methodology and documents layer. We have surveyed the management aspects of software safety activities during the software lifecycle in order to improve the safety. After identifying the conventional safety analysis techniques for systems, we have surveyed in details the software safety analysis techniques, software FMEA(Failure Mode and Effects Analysis), software HAZOP(Hazard and Operability Analysis), and software FTA(Fault Tree Analysis). We have also surveyed the state of the art in the software reliability assessment techniques. The most important results from the reliability techniques are not the specific probability numbers generated, but the insights into the risk importance of software features. To defend against potential common-mode failures, high quality, defense-in-depth, and diversity are considered to be key elements in digital I and C system design. To minimize the possibility of CMFs and thus increase the plant reliability, we have provided D-in-D and D analysis guidelines

An intelligent hybrid system for surface coal mine safety analysis

Energy Technology Data Exchange (ETDEWEB)

Lilic, N.; Obradovic, I.; Cvjetic, A. [University of Belgrade, Belgrade (Serbia)

2010-06-15

Analysis of safety in surface coal mines represents a very complex process. Published studies on mine safety analysis are usually based on research related to accidents statistics and hazard identification with risk assessment within the mining industry. Discussion in this paper is focused on the application of AI methods in the analysis of safety in mining environment. Complexity of the subject matter requires a high level of expert knowledge and great experience. The solution was found in the creation of a hybrid system PROTECTOR, whose knowledge base represents a formalization of the expert knowledge in the mine safety field. The main goal of the system is the estimation of mining environment as one of the significant components of general safety state in a mine. This global goal is subdivided into a hierarchical structure of subgoals where each subgoal can be viewed as the estimation of a set of parameters (gas, dust, climate, noise, vibration, illumination, geotechnical hazard) which determine the general mine safety state and category of hazard in mining environment. Both the hybrid nature of the system and the possibilities it offers are illustrated through a case study using field data related to an existing Serbian surface coal mine.

Safety analysis and review system: a Department of Energy safety assurance tool

International Nuclear Information System (INIS)

Rosenthal, H.B.

1981-01-01

The concept of the Safety Analysis and Review System is not new. It has been used within the Department and its predecessor agencies, Atomic Energy Commission (AEC) and Energy Research and Development Administration (ERDA), for over 20 years. To minimize the risks from nuclear reactor and power plants, the AEC developed a process to support management authorization of each operation through identification and analysis of potential hazards and the measures taken to control them. As the agency evolved from AEC through ERDA to the Department of Energy, its responsibilities were broadened to cover a diversity of technologies, including those associated with the development of fossil, solar, and geothermal energy. Because the safety analysis process had proved effective in a technology of high potential hazard, the Department investigated the applicability of the process to the other technologies. This paper describes the system and discusses how it is implemented within the Department

Computational methods for criticality safety analysis within the scale system

International Nuclear Information System (INIS)

Parks, C.V.; Petrie, L.M.; Landers, N.F.; Bucholz, J.A.

1986-01-01

The criticality safety analysis capabilities within the SCALE system are centered around the Monte Carlo codes KENO IV and KENO V.a, which are both included in SCALE as functional modules. The XSDRNPM-S module is also an important tool within SCALE for obtaining multiplication factors for one-dimensional system models. This paper reviews the features and modeling capabilities of these codes along with their implementation within the Criticality Safety Analysis Sequences (CSAS) of SCALE. The CSAS modules provide automated cross-section processing and user-friendly input that allow criticality safety analyses to be done in an efficient and accurate manner. 14 refs., 2 figs., 3 tabs

Time Based Workload Analysis Method for Safety-Related Operator Actions in Safety Analysis

Energy Technology Data Exchange (ETDEWEB)

Kim, Yun Goo; Oh, Eung Se [Korea Hydro and Nuclear Power Co., Daejeon (Korea, Republic of)

2016-05-15

During the design basis event, the safety system performs safety functions to mitigate the event. The most of safety system is actuated by automatic system however, there are operator manual actions that are needed for the plant safety. These operator actions are classified as important human actions in human factors engineering design. The human factors engineering analysis and evaluation is needed for these important human actions to assure that operator successfully perform their tasks for plant safety and operational goals. The work load analysis is one of the required analysis for the important human actions.

Time Based Workload Analysis Method for Safety-Related Operator Actions in Safety Analysis

International Nuclear Information System (INIS)

Kim, Yun Goo; Oh, Eung Se

2016-01-01

During the design basis event, the safety system performs safety functions to mitigate the event. The most of safety system is actuated by automatic system however, there are operator manual actions that are needed for the plant safety. These operator actions are classified as important human actions in human factors engineering design. The human factors engineering analysis and evaluation is needed for these important human actions to assure that operator successfully perform their tasks for plant safety and operational goals. The work load analysis is one of the required analysis for the important human actions.

System safety education focused on flight safety

Science.gov (United States)

Holt, E.

1971-01-01

The measures necessary for achieving higher levels of system safety are analyzed with an eye toward maintaining the combat capability of the Air Force. Several education courses were provided for personnel involved in safety management. Data include: (1) Flight Safety Officer Course, (2) Advanced Safety Program Management, (3) Fundamentals of System Safety, and (4) Quantitative Methods of Safety Analysis.

A survey on reliability and safety analysis techniques of robot systems in nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Eom, H S; Kim, J H; Lee, J C; Choi, Y R; Moon, S S

2000-12-01

The reliability and safety analysis techniques was surveyed for the purpose of overall quality improvement of reactor inspection system which is under development in our current project. The contents of this report are : 1. Reliability and safety analysis techniques suvey - Reviewed reliability and safety analysis techniques are generally accepted techniques in many industries including nuclear industry. And we selected a few techniques which are suitable for our robot system. They are falut tree analysis, failure mode and effect analysis, reliability block diagram, markov model, combinational method, and simulation method. 2. Survey on the characteristics of robot systems which are distinguished from other systems and which are important to the analysis. 3. Survey on the nuclear environmental factors which affect the reliability and safety analysis of robot system 4. Collection of the case studies of robot reliability and safety analysis which are performed in foreign countries. The analysis results of this survey will be applied to the improvement of reliability and safety of our robot system and also will be used for the formal qualification and certification of our reactor inspection system.

A survey on reliability and safety analysis techniques of robot systems in nuclear power plants

International Nuclear Information System (INIS)

Eom, H.S.; Kim, J.H.; Lee, J.C.; Choi, Y.R.; Moon, S.S.

2000-12-01

The reliability and safety analysis techniques was surveyed for the purpose of overall quality improvement of reactor inspection system which is under development in our current project. The contents of this report are : 1. Reliability and safety analysis techniques suvey - Reviewed reliability and safety analysis techniques are generally accepted techniques in many industries including nuclear industry. And we selected a few techniques which are suitable for our robot system. They are falut tree analysis, failure mode and effect analysis, reliability block diagram, markov model, combinational method, and simulation method. 2. Survey on the characteristics of robot systems which are distinguished from other systems and which are important to the analysis. 3. Survey on the nuclear environmental factors which affect the reliability and safety analysis of robot system 4. Collection of the case studies of robot reliability and safety analysis which are performed in foreign countries. The analysis results of this survey will be applied to the improvement of reliability and safety of our robot system and also will be used for the formal qualification and certification of our reactor inspection system

Development of design and safety analysis supporting system for casks

International Nuclear Information System (INIS)

Ohsono, Katsunari; Higashino, Akira; Endoh, Shuji

1993-01-01

Mitsubishi heavy Industries has developed a design and safety analysis supporting system 'CADDIE' (Cask Computer Aided Design, Drawing and Integrated Evaluation System), with the following objectives: (1) Enhancement of efficiency of the design and safety analysis (2) Further advancement of design quality (3) Response to the diversification of design requirements. The features of this system are as follows: (1) The analysis model data common to analyses is established, and it is prepared automatically from the model made by CAD. (2) The input data for the analysis code is available by simple operation of conversation type from the analysis model data. (3) The analysis results are drawn out in diagrams by output generator, so as to facilitate easy observation. (4) The data of material properties, fuel assembly data, etc. required for the analyses are made available as a data base. (J.P.N.)

SYSTEMS SAFETY ANALYSIS FOR FIRE EVENTS ASSOCIATED WITH THE ECRB CROSS DRIFT

International Nuclear Information System (INIS)

R. J. Garrett

2001-01-01

The purpose of this analysis is to systematically identify and evaluate fire hazards related to the Yucca Mountain Site Characterization Project (YMP) Enhanced Characterization of the Repository Block (ECRB) East-West Cross Drift (commonly referred to as the ECRB Cross-Drift). This analysis builds upon prior Exploratory Studies Facility (ESF) System Safety Analyses and incorporates Topopah Springs (TS) Main Drift fire scenarios and ECRB Cross-Drift fire scenarios. Accident scenarios involving the fires in the Main Drift and the ECRB Cross-Drift were previously evaluated in ''Topopah Springs Main Drift System Safety Analysis'' (CRWMS M and O 1995) and the ''Yucca Mountain Site Characterization Project East-West Drift System Safety Analysis'' (CRWMS M and O 1998). In addition to listing required mitigation/control features, this analysis identifies the potential need for procedures and training as part of defense-in-depth mitigation/control features. The inclusion of this information in the System Safety Analysis (SSA) is intended to assist the organization(s) (e.g., Construction, Environmental Safety and Health, Design) responsible for these aspects of the ECRB Cross-Drift in developing mitigation/control features for fire events, including Emergency Refuge Station(s). This SSA was prepared, in part, in response to Condition/Issue Identification and Reporting/Resolution System (CIRS) item 1966. The SSA is an integral part of the systems engineering process, whereby safety is considered during planning, design, testing, and construction. A largely qualitative approach is used which incorporates operating experiences and recommendations from vendors, the constructor and the operating contractor. The risk assessment in this analysis characterizes the scenarios associated with fires in terms of relative risk and includes recommendations for mitigating all identified hazards. The priority for recommending and implementing mitigation control features is: (1) Incorporate

Automation for System Safety Analysis

Science.gov (United States)

Malin, Jane T.; Fleming, Land; Throop, David; Thronesbery, Carroll; Flores, Joshua; Bennett, Ted; Wennberg, Paul

2009-01-01

This presentation describes work to integrate a set of tools to support early model-based analysis of failures and hazards due to system-software interactions. The tools perform and assist analysts in the following tasks: 1) extract model parts from text for architecture and safety/hazard models; 2) combine the parts with library information to develop the models for visualization and analysis; 3) perform graph analysis and simulation to identify and evaluate possible paths from hazard sources to vulnerable entities and functions, in nominal and anomalous system-software configurations and scenarios; and 4) identify resulting candidate scenarios for software integration testing. There has been significant technical progress in model extraction from Orion program text sources, architecture model derivation (components and connections) and documentation of extraction sources. Models have been derived from Internal Interface Requirements Documents (IIRDs) and FMEA documents. Linguistic text processing is used to extract model parts and relationships, and the Aerospace Ontology also aids automated model development from the extracted information. Visualizations of these models assist analysts in requirements overview and in checking consistency and completeness.

Lithium-thionyl chloride cell system safety hazard analysis

Science.gov (United States)

Dampier, F. W.

1985-03-01

This system safety analysis for the lithium thionyl chloride cell is a critical review of the technical literature pertaining to cell safety and draws conclusions and makes recommendations based on this data. The thermodynamics and kinetics of the electrochemical reactions occurring during discharge are discussed with particular attention given to unstable SOCl2 reduction intermediates. Potentially hazardous reactions between the various cell components and discharge products or impurities that could occur during electrical or thermal abuse are described and the most hazardous conditions and reactions identified. Design factors influencing the safety of Li/SOCl2 cells, shipping and disposal methods and the toxicity of Li/SOCl2 battery components are additional safety issues that are also addressed.

Fault tree synthesis for software design analysis of PLC based safety-critical systems

International Nuclear Information System (INIS)

Koo, S. R.; Cho, C. H.; Seong, P. H.

2006-01-01

As a software verification and validation should be performed for the development of PLC based safety-critical systems, a software safety analysis is also considered in line with entire software life cycle. In this paper, we propose a technique of software safety analysis in the design phase. Among various software hazard analysis techniques, fault tree analysis is most widely used for the safety analysis of nuclear power plant systems. Fault tree analysis also has the most intuitive notation and makes both qualitative and quantitative analyses possible. To analyze the design phase more effectively, we propose a technique of fault tree synthesis, along with a universal fault tree template for the architecture modules of nuclear software. Consequently, we can analyze the safety of software on the basis of fault tree synthesis. (authors)

Analysis of Aviation Safety Reporting System Incident Data Associated With the Technical Challenges of the Vehicle Systems Safety Technology Project

Science.gov (United States)

Withrow, Colleen A.; Reveley, Mary S.

2014-01-01

This analysis was conducted to support the Vehicle Systems Safety Technology (VSST) Project of the Aviation Safety Program (AVsP) milestone VSST4.2.1.01, "Identification of VSST-Related Trends." In particular, this is a review of incident data from the NASA Aviation Safety Reporting System (ASRS). The following three VSST-related technical challenges (TCs) were the focus of the incidents searched in the ASRS database: (1) Vechicle health assurance, (2) Effective crew-system interactions and decisions in all conditions; and (3) Aircraft loss of control prevention, mitigation, and recovery.

Establishment of joint application system of safety analysis codes between Korea and Vietnam

International Nuclear Information System (INIS)

Chung, Bub Dong; Kim, Kyung Doo; Park, Cheol; Bae, Sung Won; Baek, Won Pil; Song, Cheol hwa; Jeong, Jae Jun; Lee, Seung Wook; Hwang, Moon Kyu; Lee, Chang Sup

2011-04-01

The following KAERI-VAEI collaboration works have been performed during the 2 year project ('09.4∼'11.4). 1) On the job training of Vietnam code users(1st training for 4 VAEI staff-3 months. 2nd training for 3 VAEI staff- 3 month), 2) Lecture of nuclear safety analysis (30 hrs basic course and 30 hrs advanced course), 3) Review of safety analysis method (IAEA safety concept and requirements), 4) Collaborative assessment of safety analysis code MARS (13 conceptual problem, 2 separate effect test problem, 1 integral effect test problem), 5) Input deck preparation of standard PWR (Preparation of APR1400 input deck and safety analysis of DBA). VAEI staffs have been familiarized to Korean PWR safety assessment technology through the collaboration assessment work using a computer code developed in Korea. The lectures for Vietnamese research will be contributed to the utilization and cultivation of Korean safety technology. The collaborated assessment works will be used for the establishment of MARS based safety analysis system which is independent from US safety assessment system

Establishment of joint application system of safety analysis codes between Korea and Vietnam

Energy Technology Data Exchange (ETDEWEB)

Chung, Bub Dong; Kim, Kyung Doo; Park, Cheol; Bae, Sung Won; Baek, Won Pil; Song, Cheol hwa; Jeong, Jae Jun; Lee, Seung Wook; Hwang, Moon Kyu; Lee, Chang Sup [KAERI, Daejeon (Korea, Republic of)

2011-04-15

The following KAERI-VAEI collaboration works have been performed during the 2 year project ('09.4{approx}'11.4). 1) On the job training of Vietnam code users(1st training for 4 VAEI staff-3 months. 2nd training for 3 VAEI staff- 3 month), 2) Lecture of nuclear safety analysis (30 hrs basic course and 30 hrs advanced course), 3) Review of safety analysis method (IAEA safety concept and requirements), 4) Collaborative assessment of safety analysis code MARS (13 conceptual problem, 2 separate effect test problem, 1 integral effect test problem), 5) Input deck preparation of standard PWR (Preparation of APR1400 input deck and safety analysis of DBA). VAEI staffs have been familiarized to Korean PWR safety assessment technology through the collaboration assessment work using a computer code developed in Korea. The lectures for Vietnamese research will be contributed to the utilization and cultivation of Korean safety technology. The collaborated assessment works will be used for the establishment of MARS based safety analysis system which is independent from US safety assessment system

Applicability of trends in nuclear safety analysis to space nuclear power systems

International Nuclear Information System (INIS)

Bari, R.A.

1992-01-01

A survey is presented of some current trends in nuclear safety analysis that may be relevant to space nuclear power systems. This includes: lessons learned from operating power reactor safety and licensing; approaches to the safety design of advanced and novel reactors and facilities; the roles of risk assessment, extremely unlikely accidents, safety goals/targets; and risk-benefit analysis and communication

System and software safety analysis for the ERA control computer

International Nuclear Information System (INIS)

Beerthuizen, P.G.; Kruidhof, W.

2001-01-01

The European Robotic Arm (ERA) is a seven degrees of freedom relocatable anthropomorphic robotic manipulator system, to be used in manned space operation on the International Space Station, supporting the assembly and external servicing of the Russian segment. The safety design concept and implementation of the ERA is described, in particular with respect to the central computer's software design. A top-down analysis and specification process is used to down flow the safety aspects of the ERA system towards the subsystems, which are produced by a consortium of companies in many countries. The user requirements documents and the critical function list are the key documents in this process. Bottom-up analysis (FMECA) and test, on both subsystem and system level, are the basis for safety verification. A number of examples show the use of the approach and methods used

CCF analysis of high redundancy systems safety/relief valve data analysis and reference BWR application

International Nuclear Information System (INIS)

Mankamo, T.; Bjoere, S.; Olsson, Lena

1992-12-01

Dependent failure analysis and modeling were developed for high redundancy systems. The study included a comprehensive data analysis of safety and relief valves at the Finnish and Swedish BWR plants, resulting in improved understanding of Common Cause Failure mechanisms in these components. The reference application on the Forsmark 1/2 reactor relief system, constituting of twelve safety/relief lines and two regulating relief lines, covered different safety criteria cases of reactor depressurization and overpressure protection function, and failure to re close sequences. For the quantification of dependencies, the Alpha Factor Model, the Binomial Probability Model and the Common Load Model were compared for applicability in high redundancy systems

Nuclear safety: operational aspects. 3. Hazard Analysis of Passive Systems

International Nuclear Information System (INIS)

Burgazzi, Luciano

2001-01-01

Interest has been aroused in recent years regarding the reliability assessment of passive systems being developed by suppliers, industries, utilities, and research organizations that aim at plant safety improvement and substantial simplification in its implementation. The approach to passive systems reliability assessment entails first a detailed system and safety analysis, and failure mode and effect analysis (FMEA) methodology has been chosen to perform the safety analysis at the system level. The FMEA technique allows identification of all potential failure modes in a system to evaluate their effects on the system and to classify them according to their severity; this technique identifies the reliability-critical areas in the system where modifications to the design are required to reduce the probability of failure. The present study concerns passive systems designed for decay heat removal relying on natural circulation that foresee, for the most part, a condenser immersed in a cooling pool. This is to identify and rank by importance the potential hazards related to passive-system equipment and operation that may critically affect the safety or availability of the plant. More specifically, the content of the paper analyzes the isolation condenser (IC) system foreseen for advanced boiling water reactors for removal of excess sensible and core decay heat by natural circulation during isolation transients. This FMEA analysis is the initial step to be accomplished as support for the development of a methodology aimed at the reliability assessment of thermal-hydraulic passive safety systems, providing important input to more detailed quantitative studies employing, for instance, event trees and fault trees or other reliability/availability models. Main purposes of the work are to identify important accident initiators, find out the possible consequences on the plant deriving from component failures, individuate possible causes, identify mitigating features and

An Integrated Approach of Model checking and Temporal Fault Tree for System Safety Analysis

Energy Technology Data Exchange (ETDEWEB)

Koh, Kwang Yong; Seong, Poong Hyun [Korea Advanced Institute of Science and Technology, Daejeon (Korea, Republic of)

2009-10-15

Digitalization of instruments and control systems in nuclear power plants offers the potential to improve plant safety and reliability through features such as increased hardware reliability and stability, and improved failure detection capability. It however makes the systems and their safety analysis more complex. Originally, safety analysis was applied to hardware system components and formal methods mainly to software. For software-controlled or digitalized systems, it is necessary to integrate both. Fault tree analysis (FTA) which has been one of the most widely used safety analysis technique in nuclear industry suffers from several drawbacks as described in. In this work, to resolve the problems, FTA and model checking are integrated to provide formal, automated and qualitative assistance to informal and/or quantitative safety analysis. Our approach proposes to build a formal model of the system together with fault trees. We introduce several temporal gates based on timed computational tree logic (TCTL) to capture absolute time behaviors of the system and to give concrete semantics to fault tree gates to reduce errors during the analysis, and use model checking technique to automate the reasoning process of FTA.

Analysis of Aviation Safety Reporting System Incident Data Associated with the Technical Challenges of the System-Wide Safety and Assurance Technologies Project

Science.gov (United States)

Withrow, Colleen A.; Reveley, Mary S.

2015-01-01

The Aviation Safety Program (AvSP) System-Wide Safety and Assurance Technologies (SSAT) Project asked the AvSP Systems and Portfolio Analysis Team to identify SSAT-related trends. SSAT had four technical challenges: advance safety assurance to enable deployment of NextGen systems; automated discovery of precursors to aviation safety incidents; increasing safety of human-automation interaction by incorporating human performance, and prognostic algorithm design for safety assurance. This report reviews incident data from the NASA Aviation Safety Reporting System (ASRS) for system-component-failure- or-malfunction- (SCFM-) related and human-factor-related incidents for commercial or cargo air carriers (Part 121), commuter airlines (Part 135), and general aviation (Part 91). The data was analyzed by Federal Aviation Regulations (FAR) part, phase of flight, SCFM category, human factor category, and a variety of anomalies and results. There were 38 894 SCFM-related incidents and 83 478 human-factorrelated incidents analyzed between January 1993 and April 2011.

Improvement of safety by analysis of costs and benefits of the system

OpenAIRE

T. Karkoszka; M. Andraczke

2011-01-01

Purpose: of the paper has been the assessment of the dependence between improvement of the implemented occupational health and safety management system and both minimization of costs connected with occupational health and safety assurance and optimization of real work conditions.Design/methodology/approach: used for the analysis has included definition of the occupational health and safety system with regard to the rules and tool allowing for occupational safety assurance in the organisationa...

Software Safety Analysis of Digital Protection System Requirements Using a Qualitative Formal Method

International Nuclear Information System (INIS)

Lee, Jang-Soo; Kwon, Kee-Choon; Cha, Sung-Deok

2004-01-01

The safety analysis of requirements is a key problem area in the development of software for the digital protection systems of a nuclear power plant. When specifying requirements for software of the digital protection systems and conducting safety analysis, engineers find that requirements are often known only in qualitative terms and that existing fault-tree analysis techniques provide little guidance on formulating and evaluating potential failure modes. A framework for the requirements engineering process is proposed that consists of a qualitative method for requirements specification, called the qualitative formal method (QFM), and a safety analysis method for the requirements based on causality information, called the causal requirements safety analysis (CRSA). CRSA is a technique that qualitatively evaluates causal relationships between software faults and physical hazards. This technique, extending the qualitative formal method process and utilizing information captured in the state trajectory, provides specific guidelines on how to identify failure modes and the relationship among them. The QFM and CRSA processes are described using shutdown system 2 of the Wolsong nuclear power plants as the digital protection system example

YUCCA MOUNTAIN SITE CHARACTERIZATIONS PROJECT TUNNEL BORING MACHINE (TBM) SYSTEM SAFETY ANALYSIS

International Nuclear Information System (INIS)

1997-01-01

The purpose of this analysis is to systematically identify and evaluate hazards related to the tunnel boring machine (TBM) used in the Exploratory Studies Facility (ESF) at the Yucca Mountain Site Characterization Project. This process is an integral part of the systems engineering process; whereby safety is considered during planning, design, testing, and construction. Since the TBM is an ''as built'' system, the MandO is conducting the System Safety Analysis during the construction or assembly phase of the TBM. A largely qualitative approach was used since a radiological System Safety Analysis is not required. The risk assessment in this analysis characterizes the accident scenarios associated with the TBM in terms of relative risk and includes recommendations for mitigating all identified risks. The priority for recommending and implementing mitigation control features is: (1) Incorporate measures to reduce risks and hazards into the system/subsystem/component design, (2) add safety features and capabilities to existing designs, and (3) develop procedures and conduct training to increase worker awareness of potential hazards, on methods to reduce exposure to hazards, and on the actions required to avoid accidents or correct hazardous conditions. The scope of this analysis is limited to the TBM during normal operations, excluding hazards occurring during assembly and test of the TBM or maintenance of the TBM equipment

YUCCA MOUNTAIN SITE CHARACTERIZATIONS PROJECT TUNNEL BORING MACHINE (TBM) SYSTEM SAFETY ANALYSIS

Energy Technology Data Exchange (ETDEWEB)

N/A

1997-02-19

The purpose of this analysis is to systematically identify and evaluate hazards related to the tunnel boring machine (TBM) used in the Exploratory Studies Facility (ESF) at the Yucca Mountain Site Characterization Project. This process is an integral part of the systems engineering process; whereby safety is considered during planning, design, testing, and construction. Since the TBM is an ''as built'' system, the M&O is conducting the System Safety Analysis during the construction or assembly phase of the TBM. A largely qualitative approach was used since a radiological System Safety Analysis is not required. The risk assessment in this analysis characterizes the accident scenarios associated with the TBM in terms of relative risk and includes recommendations for mitigating all identified risks. The priority for recommending and implementing mitigation control features is: (1) Incorporate measures to reduce risks and hazards into the system/subsystem/component design, (2) add safety features and capabilities to existing designs, and (3) develop procedures and conduct training to increase worker awareness of potential hazards, on methods to reduce exposure to hazards, and on the actions required to avoid accidents or correct hazardous conditions. The scope of this analysis is limited to the TBM during normal operations, excluding hazards occurring during assembly and test of the TBM or maintenance of the TBM equipment.

ESSAA: Embedded system safety analysis assistant

Science.gov (United States)

Wallace, Peter; Holzer, Joseph; Guarro, Sergio; Hyatt, Larry

1987-01-01

The Embedded System Safety Analysis Assistant (ESSAA) is a knowledge-based tool that can assist in identifying disaster scenarios. Imbedded software issues hazardous control commands to the surrounding hardware. ESSAA is intended to work from outputs to inputs, as a complement to simulation and verification methods. Rather than treating the software in isolation, it examines the context in which the software is to be deployed. Given a specified disasterous outcome, ESSAA works from a qualitative, abstract model of the complete system to infer sets of environmental conditions and/or failures that could cause a disasterous outcome. The scenarios can then be examined in depth for plausibility using existing techniques.

A Technique of Software Safety Analysis in the Design Phase for PLC Based Safety-Critical Systems

International Nuclear Information System (INIS)

Koo, Seo-Ryong; Kim, Chang-Hwoi

2017-01-01

The purpose of safety analysis, which is a method of identifying portions of a system that have the potential for unacceptable hazards, is firstly to encourage design changes that will reduce or eliminate hazards and, secondly, to conduct special analyses and tests that can provide increased confidence in especially vulnerable portions of the system. For the design and implementation phase of the PLC based systems, we proposed a technique for software design specification and analysis, and this technique enables us to generate software design specifications (SDSs) in nuclear fields. For the safety analysis in the design phase, we used architecture design blocks of NuFDS to represent the architecture of the software. On the basis of the architecture design specification, we can directly generate the fault tree and then use the fault tree for qualitative analysis. Therefore, we proposed a technique of fault tree synthesis, along with a universal fault tree template for the architecture modules of nuclear software. Through our proposed fault tree synthesis in this work, users can use the architecture specification of the NuFDS approach to intuitively compose fault trees that help analyze the safety design features of software.

Model-based safety analysis of a control system using Simulink and Simscape extended models

Directory of Open Access Journals (Sweden)

Shao Nian

2017-01-01

Full Text Available The aircraft or system safety assessment process is an integral part of the overall aircraft development cycle. It is usually characterized by a very high timely and financial effort and can become a critical design driver in certain cases. Therefore, an increasing demand of effective methods to assist the safety assessment process arises within the aerospace community. One approach is the utilization of model-based technology, which is already well-established in the system development, for safety assessment purposes. This paper mainly describes a new tool for Model-Based Safety Analysis. A formal model for an example system is generated and enriched with extended models. Then, system safety analyses are performed on the model with the assistance of automation tools and compared to the results of a manual analysis. The objective of this paper is to improve the increasingly complex aircraft systems development process. This paper develops a new model-based analysis tool in Simulink/Simscape environment.

YUCCA MOUNTAIN SITE CHARACTERIZATION PROJECT EAST-WEST DRIFT SYSTEM SAFETY ANALYSIS

Energy Technology Data Exchange (ETDEWEB)

NA

1999-06-08

The purpose of this analysis is to systematically identify and evaluate hazards related to the design of the Yucca Mountain Project Exploratory Studies Facility (ESF) East-West Cross Drift. This analysis builds upon prior ESF System Safety Analyses and incorporates TS Main Drift scenarios, where applicable, into the East-West Drift scenarios. This System Safety Analysis (SSA) focuses on the personnel safety and health hazards associated with the engineered design of the East-West Drift. The analysis also evaluates other aspects of the East-West Drift, including purchased equipment (e.g., scientific mapping platform) or Systems/Structures/Components (SSCs) and out-of-tolerance conditions. In addition to recommending design mitigation features, the analysis identifies the potential need for procedures, training, or Job Safety Analyses (JSAs). The inclusion of this information in the SSA is intended to assist the organization(s) (e.g., constructor, Safety and Health, design) responsible for these aspects of the East-West Drift in evaluating personnel hazards and augment the information developed by these organizations. The SSA is an integral part of the systems engineering process, whereby safety is considered during planning, design, testing, and construction. A largely qualitative approach is used which incorporates operating experiences and recommendations from vendors, the constructor and the operating contractor. The risk assessment in this analysis characterizes the scenarios associated with East-West Drift SSCs in terms of relative risk and includes recommendations for mitigating all identified hazards. The priority for recommending and implementing mitigation control features is: (1) Incorporate measures to reduce risks and hazards into SSC designs. (2) Add safety features and capabilities to existing designs. (3) Develop procedures and conduct training to increase worker awareness of potential hazards, reduce exposure to hazards, and inform personnel of the

Short course on system safety analysis

International Nuclear Information System (INIS)

Sudmann, R.H.

1992-01-01

This course provides and introduction to methods generally used in safety analysis and accident investigation. It is a non-mathematical approach, directed toward a casual user. The participant will learn techniques allowing them to dissect a system or incident in order identify real or potential safety problems. These techniques will be applied to analyze events which have occurred within DOE facilities. As a manager or staff person with general oversight responsibilities, the participant should gain an awareness of the big picture and not just ''dig for facts.'' This can be accomplished by being alert and responsive to the atmosphere and condition of the plant; mood and impression of the worker and the behavioral climate. The techniques taught in the course can be used to identify critical areas or indicators. These indicators will signal problems before the ''facts'' will. Analysis techniques taught are used to gauge the breadth of the ''forest'' and not necessarily to identify the trees. For this course includes a technical background with experience in a chemical processing operations and a knowledge of basic chemistry and engineering is desirable. The course should help in a present or future assignment in an oversight role

Preliminary safety analysis of the HTTR-IS nuclear hydrogen production system

International Nuclear Information System (INIS)

Sato, Hiroyuki; Ohashi, Hirofumi; Tazawa, Yujiro; Tachibana, Yukio; Sakaba, Nariaki

2010-06-01

Japan Atomic Energy Agency is planning to demonstrate hydrogen production by thermochemical water-splitting IS process utilizing heat from the high-temperature gas-cooled reactor HTTR (HTTR-IS system). The previous study identified that the HTTR modification due to the coupling of hydrogen production plant requires an additional safety review since the scenario and quantitative values of the evaluation items would be altered from the original HTTR safety review. Hence, preliminary safety analyses are conducted by using the system analysis code. Calculation results showed that evaluation items such as a coolant pressure, temperatures of heat transfer tubes at the pressure boundary, etc., did not exceed allowable values. Also, the peak fuel temperature did not exceed allowable value and therefore the reactor core was not damaged and cooled sufficiently. This report compiles calculation conditions, event scenarios and the calculation results of the preliminary safety analysis. (author)

Analysis of the reliability of the active injection safety systems of Angra I

International Nuclear Information System (INIS)

Frutuoso e Melo, P.F.F.

1981-01-01

The reliability of the active emergency core cooling systems of Angra I nuclear power plant is evaluated. The fault tree analysis is employed. The unavailability of the above cited systems, is calculated. A parametric sensitivity analysis has been performed, due to the existing scattering in the failure and repair rate data of these system's components. The minimal cut sets were determined and, as a final step, a reliability importance analysis has been performed. This final step has required the development of a computer program. The methodology and data from the 'Reactor Safety Study' (Wash-1400) (in which the reliability of safety systems of a tipical PWR plant is calculated), is employed. The unavailability values for the safety systems analysed are too low, thus showing that in most cases the systems analysed are available to mitigate the effects of a loss-of-coolant accident. (Author) [pt

Reliability analysis of PLC safety equipment

Energy Technology Data Exchange (ETDEWEB)

Yu, J.; Kim, J. Y. [Chungnam Nat. Univ., Daejeon (Korea, Republic of)

2006-06-15

FMEA analysis for Nuclear Safety Grade PLC, failure rate prediction for nuclear safety grade PLC, sensitivity analysis for components failure rate of nuclear safety grade PLC, unavailability analysis support for nuclear safety system.

Reliability analysis of PLC safety equipment

International Nuclear Information System (INIS)

Yu, J.; Kim, J. Y.

2006-06-01

FMEA analysis for Nuclear Safety Grade PLC, failure rate prediction for nuclear safety grade PLC, sensitivity analysis for components failure rate of nuclear safety grade PLC, unavailability analysis support for nuclear safety system

Reactor safety analysis

International Nuclear Information System (INIS)

Arien, B.

1998-01-01

Risk assessments of nuclear installations require accurate safety and reliability analyses to estimate the consequences of accidental events and their probability of occurrence. The objective of the work performed in this field at the Belgian Nuclear Research Centre SCK-CEN is to develop expertise in probabilistic and deterministic reactor safety analysis. The four main activities of the research project on reactor safety analysis are: (1) the development of software for the reliable analysis of large systems; (2) the development of an expert system for the aid to diagnosis; (3) the development and the application of a probabilistic reactor-dynamics method, and (4) to participate in the international PHEBUS-FP programme for severe accidents. Progress in research during 1997 is described

Dependability analysis of proposed I and C architecture for safety systems of a large PWR

International Nuclear Information System (INIS)

Kabra, Ashutosh; Karmakar, G.; Tiwari, A.P.; Manoj Kumar; Marathe, P.P.

2014-01-01

Instrumentation and Control (I and C) systems in a reactor provide protection against unsafe operation during steady-state and transient power operations. Indian reactors traditionally adopted 2-out-of-3 (2oo3) architecture for safety systems. But, contemporary reactor safety systems are employing 2-out-of-4 (2oo4) architecture in spite of the increased cost due to the additional channel. This motivated us to carry out a comparative study of 2oo3 and 2oo4 architecture, especially for their dependability attributes - safety and availability. Quantitative estimation of safety and availability has been used to adjudge the worthiness of adopting 2oo4 architecture in I and C safety systems of a large PWR. Our analysis using Markov model shows that 2oo4 architecture, even with lower diagnostic coverage and longer proof test interval, can provide better safety and availability in comparison of 2oo3 architecture. This reduces total life cycle cost of system during development phase and complexity and frequency of surveillance test during operational phase. The paper also describes the proposed architecture for Reactor Protection System (RPS), a representative safety system, and determines its dependability using Markov analysis and Failure Mode Effect Analysis (FMEA). The proposed I and C safety system architecture also has been qualitatively analyzed for their effectiveness against common cause failures (CCFs). (author)

Reactor Safety Analysis

International Nuclear Information System (INIS)

Arien, B.

1998-01-01

The objective of SCK-CEN's programme on reactor safety is to develop expertise in probabilistic and deterministic reactor safety analysis. The research programme consists of four main activities, in particular the development of software for reliability analysis of large systems and participation in the international PHEBUS-FP programme for severe accidents, the development of an expert system for the aid to diagnosis; the development and application of a probabilistic reactor dynamics method. Main achievements in 1999 are reported

Finite mixture models for sensitivity analysis of thermal hydraulic codes for passive safety systems analysis

Energy Technology Data Exchange (ETDEWEB)

Di Maio, Francesco, E-mail: francesco.dimaio@polimi.it [Energy Department, Politecnico di Milano, Via La Masa 34, 20156 Milano (Italy); Nicola, Giancarlo [Energy Department, Politecnico di Milano, Via La Masa 34, 20156 Milano (Italy); Zio, Enrico [Energy Department, Politecnico di Milano, Via La Masa 34, 20156 Milano (Italy); Chair on System Science and Energetic Challenge Fondation EDF, Ecole Centrale Paris and Supelec, Paris (France); Yu, Yu [School of Nuclear Science and Engineering, North China Electric Power University, 102206 Beijing (China)

2015-08-15

Highlights: • Uncertainties of TH codes affect the system failure probability quantification. • We present Finite Mixture Models (FMMs) for sensitivity analysis of TH codes. • FMMs approximate the pdf of the output of a TH code with a limited number of simulations. • The approach is tested on a Passive Containment Cooling System of an AP1000 reactor. • The novel approach overcomes the results of a standard variance decomposition method. - Abstract: For safety analysis of Nuclear Power Plants (NPPs), Best Estimate (BE) Thermal Hydraulic (TH) codes are used to predict system response in normal and accidental conditions. The assessment of the uncertainties of TH codes is a critical issue for system failure probability quantification. In this paper, we consider passive safety systems of advanced NPPs and present a novel approach of Sensitivity Analysis (SA). The approach is based on Finite Mixture Models (FMMs) to approximate the probability density function (i.e., the uncertainty) of the output of the passive safety system TH code with a limited number of simulations. We propose a novel Sensitivity Analysis (SA) method for keeping the computational cost low: an Expectation Maximization (EM) algorithm is used to calculate the saliency of the TH code input variables for identifying those that most affect the system functional failure. The novel approach is compared with a standard variance decomposition method on a case study considering a Passive Containment Cooling System (PCCS) of an Advanced Pressurized reactor AP1000.

Safety analysis of autonomous excavator functionality

International Nuclear Information System (INIS)

Seward, D.; Pace, C.; Morrey, R.; Sommerville, I.

2000-01-01

This paper presents an account of carrying out a hazard analysis to define the safety requirements for an autonomous robotic excavator. The work is also relevant to the growing generic class of heavy automated mobile machinery. An overview of the excavator design is provided and the concept of a safety manager is introduced. The safety manager is an autonomous module responsible for all aspects of system operational safety, and is central to the control system's architecture. Each stage of the hazard analysis is described, i.e. system model creation, hazard definition and hazard analysis. Analysis at an early stage of the design process, and on a system that interfaces directly to an unstructured environment, exposes certain issues relevant to the application of current hazard analysis methods. The approach taken in the analysis is described. Finally, it is explained how the results of the hazard analysis have influenced system design, in particular, safety manager specifications. Conclusions are then drawn about the applicability of hazard analysis of requirements in general, and suggestions are made as to how the approach can be taken further

Technical difficulties and challenges for performing safety analysis on digital I and C systems

International Nuclear Information System (INIS)

Yih, Swu

1996-01-01

Performing safety analysis on digital I and C systems is an important task for nuclear safety analysts. The analysis results can not only confirm that the system is well-developed but also provide crucial evidence for licensing process. However, currently both I and C developers and regulators have difficulties in evaluating the safety of digital I and C systems. To investigate this problem, this paper propose a frame-based model to analyze the working and failure mechanisms of software and its interaction with the environment. Valid isomorphic relationship between the logical (software) and the physical (hardware environment) frame is identified as a major factor that determines the safe behavior of the software. The failures that may potentially cause the violation of isomorphic relations are also discussed. To perform safety analysis on digital I and C systems, analysts need to predict the effects incurred by such failures. However, due to lack of continuity, regularity, integrity, and high complexity of software structure, software does not have a stable and predictable pattern of behavior, which in turn makes the trustworthiness of results of software safety analysis susceptible. Our model can explain many troublesome events experienced by computer controlled systems. Implications and possible directions for improvement are also discussed. (author)

Analysis and design on airport safety information management system

Directory of Open Access Journals (Sweden)

Yan Lin

2017-01-01

Full Text Available Airport safety information management system is the foundation of implementing safety operation, risk control, safety performance monitor, and safety management decision for the airport. The paper puts forward the architecture of airport safety information management system based on B/S model, focuses on safety information processing flow, designs the functional modules and proposes the supporting conditions for system operation. The system construction is helpful to perfecting the long effect mechanism driven by safety information, continually increasing airport safety management level and control proficiency．

Safety Analysis for Power Reactor Protection System

International Nuclear Information System (INIS)

Eisawy, E.A.; Sallam, H.

2012-01-01

The main function of a Reactor Protection System (RPS) is to safely shutdown the reactor and prevents the release of radioactive materials. The purpose of this paper is to present a technique and its application for used in the analysis of safety system of the Nuclear Power Plant (NPP). A more advanced technique has been presented to accurately study such problems as the plant availability assessments and Technical Specifications evaluations that are becoming increasingly important. The paper provides the Markov model for the Reactor Protection System of the NPP and presents results of model evaluations for two testing policies in technical specifications. The quantification of the Markov model provides the probability values that the system will occupy each of the possible states as a function of time.

Reactor Safety Analysis

International Nuclear Information System (INIS)

Arien, B.

2000-01-01

The objective of SCK-CEN's programme on reactor safety is to develop expertise in probabilistic and deterministic reactor safety analysis. The research programme consists of two main activities, in particular the development of software for reliability analysis of large systems and participation in the international PHEBUS-FP programme for severe accidents. Main achievements in 1999 are reported

Comprehensive method of common-mode failure analysis for LMFBR safety systems

International Nuclear Information System (INIS)

Unione, A.J.; Ritzman, R.L.; Erdmann, R.C.

1976-01-01

A technique is demonstrated which allows the systematic treatment of common-mode failures of safety system performance. The technique uses log analysis in the form of fault and success trees to qualitatively assess the sources of common-mode failure and quantitatively estimate the contribution to the overall risk of system failure. The analysis is applied to the secondary control rod system of an early sized LMFBR

Architecture Level Safety Analyses for Safety-Critical Systems

Directory of Open Access Journals (Sweden)

K. S. Kushal

2017-01-01

Full Text Available The dependency of complex embedded Safety-Critical Systems across Avionics and Aerospace domains on their underlying software and hardware components has gradually increased with progression in time. Such application domain systems are developed based on a complex integrated architecture, which is modular in nature. Engineering practices assured with system safety standards to manage the failure, faulty, and unsafe operational conditions are very much necessary. System safety analyses involve the analysis of complex software architecture of the system, a major aspect in leading to fatal consequences in the behaviour of Safety-Critical Systems, and provide high reliability and dependability factors during their development. In this paper, we propose an architecture fault modeling and the safety analyses approach that will aid in identifying and eliminating the design flaws. The formal foundations of SAE Architecture Analysis & Design Language (AADL augmented with the Error Model Annex (EMV are discussed. The fault propagation, failure behaviour, and the composite behaviour of the design flaws/failures are considered for architecture safety analysis. The illustration of the proposed approach is validated by implementing the Speed Control Unit of Power-Boat Autopilot (PBA system. The Error Model Annex (EMV is guided with the pattern of consideration and inclusion of probable failure scenarios and propagation of fault conditions in the Speed Control Unit of Power-Boat Autopilot (PBA. This helps in validating the system architecture with the detection of the error event in the model and its impact in the operational environment. This also provides an insight of the certification impact that these exceptional conditions pose at various criticality levels and design assurance levels and its implications in verifying and validating the designs.

Safety balance: Analysis of safety systems; Bilans de surete: analyse par les organismes de surete

Energy Technology Data Exchange (ETDEWEB)

Delage, M; Giroux, C

1990-12-01

Safety analysis, and particularly analysis of exploitation of NPPs is constantly affected by EDF and by the safety authorities and their methodologies. Periodic safety reports ensure that important issues are not missed on daily basis, that incidents are identified and that relevant actions are undertaken. French safety analysis method consists of three principal steps. First type of safety balance is analyzed at the normal start-up phase for each unit including the final safety report. This enables analysis of behaviour of units ten years after their licensing. Second type is periodic operational safety analysis performed during a few years. Finally, the third step consists of safety analysis of the oldest units with the aim to improve the safety standards. The three steps of safety analysis are described in this presentation in detail with the aim to present the objectives and principles. Examples of most recent exercises are included in order to illustrate the importance of such analyses.

LOFT integral test system final safety analysis report

International Nuclear Information System (INIS)

1974-03-01

Safety analyses are presented for the following LOFT Reactor systems: engineering safety features; support buildings and facilities; instrumentation and controls; electrical systems; and auxiliary systems. (JWR)

Maintaining scale as a realiable computational system for criticality safety analysis

International Nuclear Information System (INIS)

Bowmann, S.M.; Parks, C.V.; Martin, S.K.

1995-01-01

Accurate and reliable computational methods are essential for nuclear criticality safety analyses. The SCALE (Standardized Computer Analyses for Licensing Evaluation) computer code system was originally developed at Oak Ridge National Laboratory (ORNL) to enable users to easily set up and perform criticality safety analyses, as well as shielding, depletion, and heat transfer analyses. Over the fifteen-year life of SCALE, the mainstay of the system has been the criticality safety analysis sequences that have featured the KENO-IV and KENO-V.A Monte Carlo codes and the XSDRNPM one-dimensional discrete-ordinates code. The criticality safety analysis sequences provide automated material and problem-dependent resonance processing for each criticality calculation. This report details configuration management which is essential because SCALE consists of more than 25 computer codes (referred to as modules) that share libraries of commonly used subroutines. Changes to a single subroutine in some cases affect almost every module in SCALE exclamation point Controlled access to program source and executables and accurate documentation of modifications are essential to maintaining SCALE as a reliable code system. The modules and subroutine libraries in SCALE are programmed by a staff of approximately ten Code Managers. The SCALE Software Coordinator maintains the SCALE system and is the only person who modifies the production source, executables, and data libraries. All modifications must be authorized by the SCALE Project Leader prior to implementation

Preliminary Performance Analysis Program Development for Safety System with Safeguard Vessel

International Nuclear Information System (INIS)

Kang, Han-Ok; Lee, Jun; Park, Cheon-Tae; Yoon, Ju-Hyeon; Park, Keun-Bae

2007-01-01

SMART is an advanced modular integral type pressurized water reactor for a seawater desalination and an electricity production. Major components of the reactor coolant system such as the pressurizer, Reactor Coolant Pump (RCP), and steam generators are located inside the reactor vessel. The SMART can fundamentally eliminate the possibility of large break loss of coolant accidents (LBLOCAs), improve the natural circulation capability, and better accommodate and thus enhance a resistance to a wide range of transients and accidents. The safety goals of the SMART are enhanced through highly reliable safety systems such as the passive residual heat removal system (PRHRS) and the safeguard vessel coupled with the passive safety injection feature. The safeguard vessel is a steel-made, leak-tight pressure vessel housing the RPV, SIT, and the associated valves and pipelines. A primary function of the safeguard vessel is to confine any radioactive release from the primary circuit within the vessel under DBAs related to loss of the integrity of the primary system. A preliminary performance analysis program for a safety system using the safeguard vessel is developed in this study. The developed program is composed of several subroutines for the reactor coolant system, passive safety injection system, safeguard vessel including the pressure suppression pool, and PRHRS. A small break loss of coolant accident at the upper part of a reactor is analyzed and the results are discussed

NASA System Safety Handbook. Volume 2: System Safety Concepts, Guidelines, and Implementation Examples

Science.gov (United States)

Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Feather, Martin; Rutledge, Peter; Sen, Dev; Youngblood, Robert

2015-01-01

This is the second of two volumes that collectively comprise the NASA System Safety Handbook. Volume 1 (NASASP-210-580) was prepared for the purpose of presenting the overall framework for System Safety and for providing the general concepts needed to implement the framework. Volume 2 provides guidance for implementing these concepts as an integral part of systems engineering and risk management. This guidance addresses the following functional areas: 1.The development of objectives that collectively define adequate safety for a system, and the safety requirements derived from these objectives that are levied on the system. 2.The conduct of system safety activities, performed to meet the safety requirements, with specific emphasis on the conduct of integrated safety analysis (ISA) as a fundamental means by which systems engineering and risk management decisions are risk-informed. 3.The development of a risk-informed safety case (RISC) at major milestone reviews to argue that the systems safety objectives are satisfied (and therefore that the system is adequately safe). 4.The evaluation of the RISC (including supporting evidence) using a defined set of evaluation criteria, to assess the veracity of the claims made therein in order to support risk acceptance decisions.

NASA System Safety Handbook. Volume 1; System Safety Framework and Concepts for Implementation

Science.gov (United States)

Dezfuli, Homayoon; Benjamin, Allan; Everett, Christopher; Smith, Curtis; Stamatelatos, Michael; Youngblood, Robert

2011-01-01

System safety assessment is defined in NPR 8715.3C, NASA General Safety Program Requirements as a disciplined, systematic approach to the analysis of risks resulting from hazards that can affect humans, the environment, and mission assets. Achievement of the highest practicable degree of system safety is one of NASA's highest priorities. Traditionally, system safety assessment at NASA and elsewhere has focused on the application of a set of safety analysis tools to identify safety risks and formulate effective controls.1 Familiar tools used for this purpose include various forms of hazard analyses, failure modes and effects analyses, and probabilistic safety assessment (commonly also referred to as probabilistic risk assessment (PRA)). In the past, it has been assumed that to show that a system is safe, it is sufficient to provide assurance that the process for identifying the hazards has been as comprehensive as possible and that each identified hazard has one or more associated controls. The NASA Aerospace Safety Advisory Panel (ASAP) has made several statements in its annual reports supporting a more holistic approach. In 2006, it recommended that "... a comprehensive risk assessment, communication and acceptance process be implemented to ensure that overall launch risk is considered in an integrated and consistent manner." In 2009, it advocated for "... a process for using a risk-informed design approach to produce a design that is optimally and sufficiently safe." As a rationale for the latter advocacy, it stated that "... the ASAP applauds switching to a performance-based approach because it emphasizes early risk identification to guide designs, thus enabling creative design approaches that might be more efficient, safer, or both." For purposes of this preface, it is worth mentioning three areas where the handbook emphasizes a more holistic type of thinking. First, the handbook takes the position that it is important to not just focus on risk on an individual

Data Analysis of Occupational Health and Safety Management and Total Quality Management Systems

Directory of Open Access Journals (Sweden)

Ahmet Yakut

2013-01-01

Full Text Available In our study, Total Quality Management, Occupational Health and Safety on the effects of the construction industry, building sites of Istanbul evaluated with the results of the survey of 25 firms. For Occupational Health and Safety program, walked healthy, active employees in her role increased and will increase the importance of education. Due to non-implementation of the OHS system in our country enough, work-related accidents and deaths and injuries resulting from these accidents is very high. Firms as a result of the analysis, an effective health and safety management system needs to be able to fulfill their responsibilities. This system is designated as OHSAS 18001 Occupational Health and Safety Management System and the construction industry can be regarded as the imperatives.

Effect Analysis of Digital I and C Systems on Plant Safety based on Fault-Tree Analysis

International Nuclear Information System (INIS)

Lee, Seung Jun; Jung, Wondea

2014-01-01

Deterioration and an inadequate supply of components of analog I and C systems have led to inefficient and costly maintenance. Moreover, since the fast evolution of digital technology has enabled more reliable functions to be designed for NPP safety, the transition from analog to digital has been accelerated. Owing to the distinguishable characteristics of digital I and C systems, a reliability analysis of digital systems has become an important element of a probabilistic safety assessment (PSA). Digital I and C systems have unique characteristics such as fault-tolerant techniques and software. However, these features have not been properly considered yet in most NPP PSA models. The effect of digital I and C systems should be evaluated by comparing them to that of analog I and C systems. Before installing a digital I and C system, even though it is expected that the plant safety can be improved through the advantageous features of digital I and C systems, it should be validated whether the total NPP safety is better than analog systems or is the same at least. In this work, the fault-tree (FT) technique, which is most widely used in a PSA, was used to compare the effects of analog and digital I and C systems. From a case study, the results of plant safety were compared. In this work, the effect of a digital RPS was evaluated by comparing it to that of an analog RPS based on the FT models. In the evaluation results, it was observed that digital RPS has a positive effect on reducing the system unavailability. The analysis results can be used for the development of a guide for evaluating digital I and C systems and reliability requirements

Safety analysis of an expert reactor protection system in nuclear power plants

International Nuclear Information System (INIS)

El-Kafas, A.A.

1997-01-01

The purpose of the dissertation is to develop real time expert reactor protection system (ERPS) for operational safety of pressurized water reactor nuclear power plant. The system is developed to diagnose plant failures and for identification plant transients (with and without scram). For this erps, probabilistic safety analysis techniques are used to check the availability and priority of the recommended safety system in case of plant accidents. The real - time information during transients and accidents can be obtained to assess the operator in his decision - making. Also, the ERPS is able to give advice for the reactor operator to take the appropriate corrective action during abnormal situations. 5-15 figs., 42 refs

Software safety hazard analysis

International Nuclear Information System (INIS)

Lawrence, J.D.

1996-02-01

Techniques for analyzing the safety and reliability of analog-based electronic protection systems that serve to mitigate hazards in process control systems have been developed over many years, and are reasonably well understood. An example is the protection system in a nuclear power plant. The extension of these techniques to systems which include digital computers is not well developed, and there is little consensus among software engineering experts and safety experts on how to analyze such systems. One possible technique is to extend hazard analysis to include digital computer-based systems. Software is frequently overlooked during system hazard analyses, but this is unacceptable when the software is in control of a potentially hazardous operation. In such cases, hazard analysis should be extended to fully cover the software. A method for performing software hazard analysis is proposed in this paper

System Design and the Safety Basis

International Nuclear Information System (INIS)

Ellingson, Darrel

2008-01-01

The objective of this paper is to present the Bechtel Jacobs Company, LLC (BJC) Lessons Learned for system design as it relates to safety basis documentation. BJC has had to reconcile incomplete or outdated system description information with current facility safety basis for a number of situations in recent months. This paper has relevance in multiple topical areas including documented safety analysis, decontamination and decommissioning (D and D), safety basis (SB) implementation, safety and design integration, potential inadequacy of the safety analysis (PISA), technical safety requirements (TSR), and unreviewed safety questions. BJC learned that nuclear safety compliance relies on adequate and well documented system design information. A number of PIS As and TSR violations occurred due to inadequate or erroneous system design information. As a corrective action, BJC assessed the occurrences caused by systems design-safety basis interface problems. Safety systems reviewed included the Molten Salt Reactor Experiment (MSRE) Fluorination System, K-1065 fire alarm system, and the K-25 Radiation Criticality Accident Alarm System. The conclusion was that an inadequate knowledge of system design could result in continuous non-compliance issues relating to nuclear safety. This was especially true with older facilities that lacked current as-built drawings coupled with the loss of 'historical knowledge' as personnel retired or moved on in their careers. Walkdown of systems and the updating of drawings are imperative for nuclear safety compliance. System design integration with safety basis has relevance in the Department of Energy (DOE) complex. This paper presents the BJC Lessons Learned in this area. It will be of benefit to DOE contractors that manage and operate an aging population of nuclear facilities

System safety education focused on system management

Science.gov (United States)

Grose, V. L.

1971-01-01

System safety is defined and characteristics of the system are outlined. Some of the principle characteristics include role of humans in hazard analysis, clear language for input and output, system interdependence, self containment, and parallel analysis of elements.

Fault Tree Analysis with Temporal Gates and Model Checking Technique for Qualitative System Safety Analysis

International Nuclear Information System (INIS)

Koh, Kwang Yong; Seong, Poong Hyun

2010-01-01

Fault tree analysis (FTA) has suffered from several drawbacks such that it uses only static gates and hence can not capture dynamic behaviors of the complex system precisely, and it is in lack of rigorous semantics, and reasoning process which is to check whether basic events really cause top events is done manually and hence very labor-intensive and time-consuming for the complex systems while it has been one of the most widely used safety analysis technique in nuclear industry. Although several attempts have been made to overcome this problem, they can not still do absolute or actual time modeling because they adapt relative time concept and can capture only sequential behaviors of the system. In this work, to resolve the problems, FTA and model checking are integrated to provide formal, automated and qualitative assistance to informal and/or quantitative safety analysis. Our approach proposes to build a formal model of the system together with fault trees. We introduce several temporal gates based on timed computational tree logic (TCTL) to capture absolute time behaviors of the system and to give concrete semantics to fault tree gates to reduce errors during the analysis, and use model checking technique to automate the reasoning process of FTA

Development of safety analysis technology for integral reactor

Energy Technology Data Exchange (ETDEWEB)

Sim, Suk K.; Song, J. H.; Chung, Y. J. and others

1999-03-01

Inherent safety features and safety system characteristics of the SMART integral reactor are investigated in this study. Performance and safety of the SMART conceptual design have been evaluated and confirmed through the performance and safety analyses using safety analysis system codes as well as a preliminary performance and safety analysis methodology. SMART design base events and their acceptance criteria are identified to develop a preliminary PIRT for the SMART integral reactor. Using the preliminary PIRT, a set of experimental program for the thermal hydraulic separate effect tests and the integral effect tests was developed for the thermal hydraulic model development and the system code validation. Safety characteristics as well as the safety issues of the integral reactor has been identified during the study, which will be used to resolve the safety issues and guide the regulatory criteria for the integral reactor. The results of the performance and safety analyses performed during the study were used to feedback for the SMART conceptual design. The performance and safety analysis code systems as well as the preliminary safety analysis methodology developed in this study will be validated as the SMART design evolves. The performance and safety analysis technology developed during the study will be utilized for the SMART basic design development. (author)

INTEGRATED SAFETY MANAGEMENT SYSTEM IN AIR TRAFFIC SERVICES

Directory of Open Access Journals (Sweden)

Volodymyr Kharchenko

2014-06-01

Full Text Available The article deals with the analysis of the researches conducted in the field of safety management systems.Safety management system framework, methods and tools for safety analysis in Air Traffic Control have been reviewed.Principles of development of Integrated safety management system in Air Traffic Services have been proposed.

Modelling safety of multistate systems with ageing components

Energy Technology Data Exchange (ETDEWEB)

Kołowrocki, Krzysztof; Soszyńska-Budny, Joanna [Gdynia Maritime University, Department of Mathematics ul. Morska 81-87, Gdynia 81-225 Poland (Poland)

2016-06-08

An innovative approach to safety analysis of multistate ageing systems is presented. Basic notions of the ageing multistate systems safety analysis are introduced. The system components and the system multistate safety functions are defined. The mean values and variances of the multistate systems lifetimes in the safety state subsets and the mean values of their lifetimes in the particular safety states are defined. The multi-state system risk function and the moment of exceeding by the system the critical safety state are introduced. Applications of the proposed multistate system safety models to the evaluation and prediction of the safty characteristics of the consecutive “m out of n: F” is presented as well.

Modelling safety of multistate systems with ageing components

International Nuclear Information System (INIS)

Kołowrocki, Krzysztof; Soszyńska-Budny, Joanna

2016-01-01

An innovative approach to safety analysis of multistate ageing systems is presented. Basic notions of the ageing multistate systems safety analysis are introduced. The system components and the system multistate safety functions are defined. The mean values and variances of the multistate systems lifetimes in the safety state subsets and the mean values of their lifetimes in the particular safety states are defined. The multi-state system risk function and the moment of exceeding by the system the critical safety state are introduced. Applications of the proposed multistate system safety models to the evaluation and prediction of the safty characteristics of the consecutive “m out of n: F” is presented as well.

Code conversion for system design and safety analysis of NSSS

Energy Technology Data Exchange (ETDEWEB)

Lee, Hae Cho; Kim, Young Tae; Choi, Young Gil; Kim, Hee Kyung [Korea Atomic Energy Research Institute, Taejon (Korea, Republic of)

1996-01-01

This report describes overall project works related to conversion, installation and validation of computer codes which are used in NSSS design and safety analysis of nuclear power plants. Domain/os computer codes for system safety analysis are installed and validated on Apollo DN10000, and then Apollo version are converted and installed again on HP9000/700 series with appropriate validation. Also, COOLII and COAST which are cyber version computer codes are converted into versions of Apollo DN10000 and HP9000/700, and installed with validation. This report details whole processes of work involved in the computer code conversion and installation, as well as software verification and validation results which are attached to this report. 12 refs., 8 figs. (author)

Architecture for interlock systems: reliability analysis with regard to safety and availability

International Nuclear Information System (INIS)

Wagner, S.; Apollonio, A.; Schmidt, R.; Zerlauth, M.; Vergara-Fernandez, A.

2012-01-01

For particle accelerators like LHC and other large experimental physics facilities like ITER, the machine protection relies on complex interlock systems. In the design of interlock loops for the signal exchange in machine protection systems, the choice of the hardware architecture impacts on machine safety and availability. The reliable performance of a machine stop (leaving the machine in a safe state) in case of an emergency, is an inherent requirement. The constraints in terms of machine availability on the other hand may differ from one facility to another. Spurious machine stops, lowering machine availability, may to a certain extent be tolerated in facilities where they do not cause undue equipment wear-out. In order to compare various interlock loop architectures in terms of safety and availability, the occurrence frequencies of related scenarios have been calculated in a reliability analysis, using a generic analytical model. This paper presents the results and illustrates the potential of the analysis method for supporting the choice of interlock system architectures. The results show the advantages of a 2003 (3 redundant lines with 2-out-of-3 voting) over the 6 architectures under consideration for systems with high requirements in both safety and availability

The adaptive safety analysis and monitoring system

Science.gov (United States)

Tu, Haiying; Allanach, Jeffrey; Singh, Satnam; Pattipati, Krishna R.; Willett, Peter

2004-09-01

The Adaptive Safety Analysis and Monitoring (ASAM) system is a hybrid model-based software tool for assisting intelligence analysts to identify terrorist threats, to predict possible evolution of the terrorist activities, and to suggest strategies for countering terrorism. The ASAM system provides a distributed processing structure for gathering, sharing, understanding, and using information to assess and predict terrorist network states. In combination with counter-terrorist network models, it can also suggest feasible actions to inhibit potential terrorist threats. In this paper, we will introduce the architecture of the ASAM system, and discuss the hybrid modeling approach embedded in it, viz., Hidden Markov Models (HMMs) to detect and provide soft evidence on the states of terrorist network nodes based on partial and imperfect observations, and Bayesian networks (BNs) to integrate soft evidence from multiple HMMs. The functionality of the ASAM system is illustrated by way of application to the Indian Airlines Hijacking, as modeled from open sources.

Safety analysis of an expert reactor protection system in nuclear power plants

International Nuclear Information System (INIS)

EL-Kafas, A.E.A.E.

1996-01-01

the purpose of the dissertation is to develop a real time expert reactor protection system (ERPS) for operational safety of pressurized water reactor nuclear power plant. The system is developed to diagnose plant failures and for identification of plant transients (with and without scram). for this ERPS. probabilistic safety analysis techniques are used to check the availability and priority of the recommended safety system in case of plant accidents . the real- time information during transients and accidents can be obtained to asses the operator in his decision - making . Also, the ERPS is able to give advice for the reactor operator to take the appropriate corrective action during abnormal situations. The system model consists of the dynamic differential equations for reactor core, pressurizer, steam generator, turbine and generator, piping and plenums. The system of equations can be solved by appropriate codes also displayed directly from sensors of the plant. All scenarios of transients, accidents and fault tress for plant systems are learned to ERPS

Survey and evaluation of inherent safety characteristics and passive safety systems for use in probabilistic safety analyses

International Nuclear Information System (INIS)

Wetzel, N.; Scharfe, A.

1998-01-01

The present report examines the possibilities and limits of a probabilistic safety analysis to evaluate passive safety systems and inherent safety characteristics. The inherent safety characteristics are based on physical principles, that together with the safety system lead to no damage. A probabilistic evaluation of the inherent safety characteristic is not made. An inventory of passive safety systems of accomplished nuclear power plant types in the Federal Republic of Germany was drawn up. The evaluation of the passive safety system in the analysis of the accomplished nuclear power plant types was examined. The analysis showed that the passive manner of working was always assumed to be successful. A probabilistic evaluation was not performed. The unavailability of the passive safety system was determined by the failure of active components which are necessary in order to activate the passive safety system. To evaluate the passive safety features in new concepts of nuclear power plants the AP600 from Westinghouse, the SBWR from General Electric and the SWR 600 from Siemens, were selected. Under these three reactor concepts, the SWR 600 is specially attractive because the safety features need no energy sources and instrumentation in this concept. First approaches for the assessment of the reliability of passively operating systems are summarized. Generally it can be established that the core melt frequency for the passive concepts AP600 and SBWR is advantageous in comparison to the probabilistic objectives from the European Pressurized Water Reactor (EPR). Under the passive concepts is the SWR 600 particularly interesting. In this concept the passive systems need no energy sources and instrumentation, and has active operational systems and active safety equipment. Siemens argues that with this concept the frequency of a core melt will be two orders of magnitude lower than for the conventional reactors. (orig.) [de

Systems Safety and Engineering Division

Data.gov (United States)

Federal Laboratory Consortium — Volpe's Systems Safety and Engineering Division conducts engineering, research, and analysis to improve transportation safety, capacity, and resiliency. We provide...

Information System Hazard Analysis: A Method for Identifying Technology-induced Latent Errors for Safety.

Science.gov (United States)

Weber, Jens H; Mason-Blakley, Fieran; Price, Morgan

2015-01-01

Many health information and communication technologies (ICT) are safety-critical; moreover, reports of technology-induced adverse events related to them are plentiful in the literature. Despite repeated criticism and calls to action, recent data collected by the Institute of Medicine (IOM) and other organization do not indicate significant improvements with respect to the safety of health ICT systems. A large part of the industry still operates on a reactive "break & patch" model; the application of pro-active, systematic hazard analysis methods for engineering ICT that produce "safe by design" products is sparse. This paper applies one such method: Information System Hazard Analysis (ISHA). ISHA adapts and combines hazard analysis techniques from other safety-critical domains and customizes them for ICT. We provide an overview of the steps involved in ISHA and describe.

Safety analysis for the use of new digital safety I and C systems

International Nuclear Information System (INIS)

Buehler, Cornelia

2012-01-01

Age-induced replacement or modernization of safety I and C systems by digital equipment technology has been one of the topical subjects in nuclear technology for more than a decade. Digital equipment technology in this case means microcontroller- or microprocessor-based systems which implement I and C functions in software (SW) and, on the other hand, systems with programmed hardware (HW) components, such as Application-specific Integrated Circuits (ASIC), Field Programmable Gate Arrays (FPGA) or Programmable Logic Devices (PLS), which can be developed only by means of sophisticated SW development environments. The switch to digital equipment technology is more than a mere change in equipment technology even though the I and C functions remain almost identical in most cases. The switch not only leads to a different approach in equipment qualification, but also requires new focal points in plant design when it comes to assessing plant design, and needs new or adapted methods of analysis and evaluation. The main reason lies in the greater possibilities of systematic errors caused mainly by software-based development, manufacture and maintenance. New and adapted methods of analysis and evaluation for I and C systems are presented and explained. It is safe to say that safety I and C technology in the highest category of requirements necessitates a very far reaching realignment in design and evaluation as well as the use of new analytical techniques. This meets the claim of an I and C technology fit for use, reliable and comparable to the technology it replaces. (orig.)

Software FMEA analysis for safety-related application software

International Nuclear Information System (INIS)

Park, Gee-Yong; Kim, Dong Hoon; Lee, Dong Young

2014-01-01

Highlights: • We develop a modified FMEA analysis suited for applying to software architecture. • A template for failure modes on a specific software language is established. • A detailed-level software FMEA analysis on nuclear safety software is presented. - Abstract: A method of a software safety analysis is described in this paper for safety-related application software. The target software system is a software code installed at an Automatic Test and Interface Processor (ATIP) in a digital reactor protection system (DRPS). For the ATIP software safety analysis, at first, an overall safety or hazard analysis is performed over the software architecture and modules, and then a detailed safety analysis based on the software FMEA (Failure Modes and Effect Analysis) method is applied to the ATIP program. For an efficient analysis, the software FMEA analysis is carried out based on the so-called failure-mode template extracted from the function blocks used in the function block diagram (FBD) for the ATIP software. The software safety analysis by the software FMEA analysis, being applied to the ATIP software code, which has been integrated and passed through a very rigorous system test procedure, is proven to be able to provide very valuable results (i.e., software defects) that could not be identified during various system tests

Suitability review of FMEA and reliability analysis for digital plant protection system and digital engineered safety features actuation system

Energy Technology Data Exchange (ETDEWEB)

Kim, I. S.; Kim, T. K.; Kim, M. C.; Kim, B. S.; Hwang, S. W.; Ryu, K. C. [Hanyang Univ., Seoul (Korea, Republic of)

2000-11-15

Of the many items that should be checked out during a review stage of the licensing application for the I and C system of Ulchin 5 and 6 units, this report relates to a suitability review of the reliability analysis of Digital Plant Protection System (DPPS) and Digital Engineered Safety Features Actuation System (DESFAS). In the reliability analysis performed by the system designer, ABB-CE, fault tree analysis was used as the main methods along with Failure Modes and Effect Analysis (FMEA). However, the present regulatory technique dose not allow the system reliability analysis and its results to be appropriately evaluated. Hence, this study was carried out focusing on the following four items ; development of general review items by which to check the validity of a reliability analysis, and the subsequent review of suitability of the reliability analysis for Ulchin 5 and 6 DPPS and DESFAS L development of detailed review items by which to check the validity of an FMEA, and the subsequent review of suitability of the FMEA for Ulchin 5 and 6 DPPS and DESFAS ; development of detailed review items by which to check the validity of a fault tree analysis, and the subsequent review of suitability of the fault tree for Ulchin 5 and 6 DPPS and DESFAS ; an integrated review of the safety and reliability of the Ulchin 5 and 6 DPPS and DESFAS based on the results of the various reviews above and also of a reliability comparison between the digital systems and the comparable analog systems, i.e., and analog Plant Protection System (PPS) and and analog Engineered Safety Features Actuation System (ESFAS). According to the review mentioned above, the reliability analysis of Ulchin 5 and 6 DPPS and DESFAS generally satisfies the review requirements. However, some shortcomings of the analysis were identified in our review such that the assumed test periods for several equipment were not properly incorporated in the analysis, and failures of some equipment were not included in the

Classification analysis of organization factors related to system safety

International Nuclear Information System (INIS)

Liu Huizhen; Zhang Li; Zhang Yuling; Guan Shihua

2009-01-01

This paper analyzes the different types of organization factors which influence the system safety. The organization factor can be divided into the interior organization factor and exterior organization factor. The latter includes the factors of political, economical, technical, law, social culture and geographical, and the relationships among different interest groups. The former includes organization culture, communication, decision, training, process, supervision and management and organization structure. This paper focuses on the description of the organization factors. The classification analysis of the organization factors is the early work of quantitative analysis. (authors)

System study application to the safety analysis of the exhaust and the tritium systems of a fusion reactor

International Nuclear Information System (INIS)

Djerassi, H.; Rouillard, J.; Leger, D.; Zappellini, G.; Gambi, G.

1988-01-01

An applicative example of the general methodology system study to the safety analysis of the exhaust and tritium systems, in a tokamak device, is shown. The framework of the study is split into the following tasks: initial information collection, functional analysis, failure scenarios identification and description, reliability data assessment, accident sequence quantification, consequence seriousness evaluation, risk assessment. Results concerning risk contribution from direct failures show that, in the exhaust system and in the tritium system, the risk contribution to public is rather smaller than the safety design targets. Nevertheless, if the reactor building is not taken into account, the risk contribution from the exhaust system can be significant. Risk contribution to the workers seems to be not to heavy

FOOD SAFETY CONTROL SYSTEM IN CHINA

Institute of Scientific and Technical Information of China (English)

Liu Wei-jun; Wei Yi-min; Han Jun; Luo Dan; Pan Jia-rong

2007-01-01

Most countries have expended much effort to develop food safety control systems to ensure safe food supplies within their borders. China, as one of the world's largest food producers and consumers,pays a lot of attention to food safety issues. In recent years, China has taken actions and implemented a series of plans in respect to food safety. Food safety control systems including regulatory, supervisory,and science and technology systems, have begun to be established in China. Using, as a base, an analysis of the current Chinese food safety control system as measured against international standards, this paper discusses the need for China to standardize its food safety control system. We then suggest some policies and measures to improve the Chinese food safety control system.

Main Steam Line Break Analysis for the Fully Passive Safety System of SMART

International Nuclear Information System (INIS)

Kim, Seong Wook; Chun, Ji Han; Bae, Kyoo Hwan; Kim, Keung Koo

2013-01-01

The standard design approval of SMART (System-integrated Modular Advanced ReacTor) developed by KAERI and KEPCO consortium was issued on July 4, 2012. Although SMART has enhanced safety compared to the conventional reactor, there is a demand to meet the 'passive safety performance requirements' after the Fukushima accident. The passive safety performance requirements are the capabilities to maintain the plant at a safe shutdown condition for a minimum of 72 hours without AC power supply or operator action in case of design basis accident (DBA). To satisfy the requirements, KAERI is developing a safety enhanced SMART by adopting a passive safety injection system. The passive safety injection system developed for SMART is a gravity-driven injection system, which consists of four trains, each of which includes a pressure balance line, core makeup tank (CMT), safety injection tank (SIT) and injection line. The CMT plays an important role to inject borated water into the RCS to prevent or dissolve the return to power (re-criticality) condition during the event of increase in heat removal by the secondary system. The main steam line break accident (MSLB) is the most limiting accident for an increase in heat removal by the secondary system. In this study, the safety analysis results of MSLBs at hot full power condition and at hot zero power condition in view of re-criticality are given. The MSLB accident has been analyzed for the SMART adopting fully passive safety system in the aspect of re-criticality. The results show that the core remains subcritical condition throughout the transient due to the borated water injected by the CMT. As further works, many kinds of analyses and sensitivity studies should be performed for the design establishment and improvement of the fully passive system of SMART

Nuclear-power-safety reporting system: feasibility analysis

International Nuclear Information System (INIS)

Finlayson, F.C.; Ims, J.

1983-04-01

The US Nuclear Regulatory Commission (NRC) is evaluating the possibility of instituting a data gathering system for identifying and quantifying the factors that contribute to the occurrence of significant safety problems involving humans in nuclear power plants. This report presents the results of a brief (6 months) study of the feasibility of developing a voluntary, nonpunitive Nuclear Power Safety Reporting System (NPSRS). Reports collected by the system would be used to create a data base for documenting, analyzing and assessing the significance of the incidents. Results of The Aerospace Corporation study are presented in two volumes. This document, Volume I, contains a summary of an assessment of the Aviation Safety Reporting System (ASRS). The FAA-sponsored, NASA-managed ASRS was found to be successful, relatively low in cost, generally acceptable to all facets of the aviation community, and the source of much useful data and valuable reports on human factor problems in the nation's airways. Several significant ASRS features were found to be pertinent and applicable for adoption into a NPSRS

Preliminary safety analysis methodology for the SMART

Energy Technology Data Exchange (ETDEWEB)

Bae, Kyoo Hwan; Chung, Y. J.; Kim, H. C.; Sim, S. K.; Lee, W. J.; Chung, B. D.; Song, J. H. [Korea Atomic Energy Research Institute, Taejeon (Korea)

2000-03-01

This technical report was prepared for a preliminary safety analysis methodology of the 330MWt SMART (System-integrated Modular Advanced ReacTor) which has been developed by Korea Atomic Energy Research Institute (KAERI) and funded by the Ministry of Science and Technology (MOST) since July 1996. This preliminary safety analysis methodology has been used to identify an envelope for the safety of the SMART conceptual design. As the SMART design evolves, further validated final safety analysis methodology will be developed. Current licensing safety analysis methodology of the Westinghouse and KSNPP PWRs operating and under development in Korea as well as the Russian licensing safety analysis methodology for the integral reactors have been reviewed and compared to develop the preliminary SMART safety analysis methodology. SMART design characteristics and safety systems have been reviewed against licensing practices of the PWRs operating or KNGR (Korean Next Generation Reactor) under construction in Korea. Detailed safety analysis methodology has been developed for the potential SMART limiting events of main steam line break, main feedwater pipe break, loss of reactor coolant flow, CEA withdrawal, primary to secondary pipe break and the small break loss of coolant accident. SMART preliminary safety analysis methodology will be further developed and validated in parallel with the safety analysis codes as the SMART design further evolves. Validated safety analysis methodology will be submitted to MOST as a Topical Report for a review of the SMART licensing safety analysis methodology. Thus, it is recommended for the nuclear regulatory authority to establish regulatory guides and criteria for the integral reactor. 22 refs., 18 figs., 16 tabs. (Author)

Practicality for Software Hazard Analysis for Nuclear Safety I and C System

International Nuclear Information System (INIS)

Kim, Yong-Ho; Moon, Kwon-Ki; Chang, Young-Woo; Jeong, Soo-Hyun

2016-01-01

We are using the concept of system safety in engineering. It is difficult to make any system perfectly safe and probably a complete system may not easily be achieved. The standard definition of a system from MIL-STD- 882E is: “The organization of hardware, software, material, facilities, personnel, data, and services needed to perform a designated function within a stated environment with specified results.” From the perspective of the system safety engineer and the hazard analysis process, software is considered as a subsystem. Regarding hazard analysis, to date, methods for identifying software failures and determining their effects is still a research problem. Since the success of software development is based on rigorous test of hardware and software, it is necessary to check the balance between software test and hardware test, and in terms of efficiency. Lessons learned and experience from similar systems are important for the work of hazard analysis. No major hazard has been issued for the software developed and verified in Korean NPPs. In addition to hazard analysis, software development, and verification and validation were thoroughly performed. It is reasonable that the test implementation including the development of the test case, stress and abnormal conditions, error recovery situations, and high risk hazardous situations play a key role in detecting and preventing software faults

Practicality for Software Hazard Analysis for Nuclear Safety I and C System

Energy Technology Data Exchange (ETDEWEB)

Kim, Yong-Ho; Moon, Kwon-Ki; Chang, Young-Woo; Jeong, Soo-Hyun [KEPCO Engineering and Construction Co., Deajeon (Korea, Republic of)

2016-10-15

We are using the concept of system safety in engineering. It is difficult to make any system perfectly safe and probably a complete system may not easily be achieved. The standard definition of a system from MIL-STD- 882E is: “The organization of hardware, software, material, facilities, personnel, data, and services needed to perform a designated function within a stated environment with specified results.” From the perspective of the system safety engineer and the hazard analysis process, software is considered as a subsystem. Regarding hazard analysis, to date, methods for identifying software failures and determining their effects is still a research problem. Since the success of software development is based on rigorous test of hardware and software, it is necessary to check the balance between software test and hardware test, and in terms of efficiency. Lessons learned and experience from similar systems are important for the work of hazard analysis. No major hazard has been issued for the software developed and verified in Korean NPPs. In addition to hazard analysis, software development, and verification and validation were thoroughly performed. It is reasonable that the test implementation including the development of the test case, stress and abnormal conditions, error recovery situations, and high risk hazardous situations play a key role in detecting and preventing software faults.

Bayesian Statistics and Uncertainty Quantification for Safety Boundary Analysis in Complex Systems

Science.gov (United States)

He, Yuning; Davies, Misty Dawn

2014-01-01

The analysis of a safety-critical system often requires detailed knowledge of safe regions and their highdimensional non-linear boundaries. We present a statistical approach to iteratively detect and characterize the boundaries, which are provided as parameterized shape candidates. Using methods from uncertainty quantification and active learning, we incrementally construct a statistical model from only few simulation runs and obtain statistically sound estimates of the shape parameters for safety boundaries.

Vibration analysis of the Golfech 2 safety injection system

International Nuclear Information System (INIS)

Morilhat, P.

1993-01-01

The main function of the safety injection system in a PWR plant is to ensure cooling of fuel elements in the event of a loss of coolant accident. The multistage centrifugal pump mounted-on this system induces pressure fluctuations, resulting in dynamic loads on piping. In certain plant units, these loads have caused cracking in the nozzles connected to the safety injection system, whereas in others, no damage has been observed. In order to understand the differences in dynamic behavior observed from one site to another, tests were performed on a real safety injection system, that of Golfech-2. They enabled determination of the modal characteristics of the system and identification of the hydro-acoustic source of the low head safety injection pump. They also enabled assessment of the pressure fluctuation levels in the pump suction and discharge areas as well as the vibratory response of the system when operating under partial and nominal flow conditions. Finally, these test results were used to estimate fatigue damage in the safety injection system. The experimental results will later be used to validate the model of the system undertaken with the piping design code CIRCUS and define the boundary conditions to be taken into account. (author). 6 figs., 2 refs

ACCIDENT ANALYSES & CONTROL OPTIONS IN SUPPORT OF THE SLUDGE WATER SYSTEM SAFETY ANALYSIS

Energy Technology Data Exchange (ETDEWEB)

WILLIAMS, J.C.

2003-11-15

This report documents the accident analyses and nuclear safety control options for use in Revision 7 of HNF-SD-WM-SAR-062, ''K Basins Safety Analysis Report'' and Revision 4 of HNF-SD-SNF-TSR-001, ''Technical Safety Requirements - 100 KE and 100 KW Fuel Storage Basins''. These documents will define the authorization basis for Sludge Water System (SWS) operations. This report follows the guidance of DOE-STD-3009-94, ''Preparation Guide for US. Department of Energy Nonreactor Nuclear Facility Safety Analysis Reports'', for calculating onsite and offsite consequences. The accident analysis summary is shown in Table ES-1 below. While this document describes and discusses potential control options to either mitigate or prevent the accidents discussed herein, it should be made clear that the final control selection for any accident is determined and presented in HNF-SD-WM-SAR-062.

Safety margins in deterministic safety analysis

International Nuclear Information System (INIS)

Viktorov, A.

2011-01-01

The concept of safety margins has acquired certain prominence in the attempts to demonstrate quantitatively the level of the nuclear power plant safety by means of deterministic analysis, especially when considering impacts from plant ageing and discovery issues. A number of international or industry publications exist that discuss various applications and interpretations of safety margins. The objective of this presentation is to bring together and examine in some detail, from the regulatory point of view, the safety margins that relate to deterministic safety analysis. In this paper, definitions of various safety margins are presented and discussed along with the regulatory expectations for them. Interrelationships of analysis input and output parameters with corresponding limits are explored. It is shown that the overall safety margin is composed of several components each having different origins and potential uses; in particular, margins associated with analysis output parameters are contrasted with margins linked to the analysis input. While these are separate, it is possible to influence output margins through the analysis input, and analysis method. Preserving safety margins is tantamount to maintaining safety. At the same time, efficiency of operation requires optimization of safety margins taking into account various technical and regulatory considerations. For this, basic definitions and rules for safety margins must be first established. (author)

Safety assessment of high consequence robotics system

International Nuclear Information System (INIS)

Robinson, D.G.; Atcitty, C.B.

1996-01-01

This paper outlines the use of a failure modes and effects analysis for the safety assessment of a robotic system being developed at Sandia National Laboratories. The robotic system, the weigh and leak check system, is to replace a manual process for weight and leakage of nuclear materials at the DOE Pantex facility. Failure modes and effects analyses were completed for the robotics process to ensure that safety goals for the systems have been met. Due to the flexible nature of the robot configuration, traditional failure modes and effects analysis (FMEA) were not applicable. In addition, the primary focus of safety assessments of robotics systems has been the protection of personnel in the immediate area. In this application, the safety analysis must account for the sensitivities of the payload as well as traditional issues. A unique variation on the classical FMEA was developed that permits an organized and quite effective tool to be used to assure that safety was adequately considered during the development of the robotic system. The fundamental aspects of the approach are outlined in the paper

The practical implementation of integrated safety management for nuclear safety analysis and fire hazards analysis documentation

International Nuclear Information System (INIS)

COLLOPY, M.T.

1999-01-01

In 1995 Mr. Joseph DiNunno of the Defense Nuclear Facilities Safety Board issued an approach to describe the concept of an integrated safety management program which incorporates hazard and safety analysis to address a multitude of hazards affecting the public, worker, property, and the environment. Since then the U S . Department of Energy (DOE) has adopted a policy to systematically integrate safety into management and work practices at all levels so that missions can be completed while protecting the public, worker, and the environment. While the DOE and its contractors possessed a variety of processes for analyzing fire hazards at a facility, activity, and job; the outcome and assumptions of these processes have not always been consistent for similar types of hazards within the safety analysis and the fire hazard analysis. Although the safety analysis and the fire hazard analysis are driven by different DOE Orders and requirements, these analyses should not be entirely independent and their preparation should be integrated to ensure consistency of assumptions, consequences, design considerations, and other controls. Under the DOE policy to implement an integrated safety management system, identification of hazards must be evaluated and agreed upon to ensure that the public. the workers. and the environment are protected from adverse consequences. The DOE program and contractor management need a uniform, up-to-date reference with which to plan. budget, and manage nuclear programs. It is crucial that DOE understand the hazards and risks necessarily to authorize the work needed to be performed. If integrated safety management is not incorporated into the preparation of the safety analysis and the fire hazard analysis, inconsistencies between assumptions, consequences, design considerations, and controls may occur that affect safety. Furthermore, confusion created by inconsistencies may occur in the DOE process to grant authorization of the work. In accordance with

Perspectives on the development of next generation reactor systems safety analysis codes

International Nuclear Information System (INIS)

Zhang, H.

2015-01-01

'Full text:' Existing reactor system analysis codes, such as RELAP5-3D and TRAC, have gained worldwide success in supporting reactor safety analyses, as well as design and licensing of new reactors. These codes are important assets to the nuclear engineering research community, as well as to the nuclear industry. However, most of these codes were originally developed during the 1970s', and it becomes necessary to develop next-generation reactor system analysis codes for several reasons. Firstly, as new reactor designs emerge, there are new challenges emerging in numerical simulations of reactor systems such as long lasting transients and multi-physics phenomena. These new requirements are beyond the range of applicability of the existing system analysis codes. Advanced modeling and numerical methods must be taken into consideration to improve the existing capabilities. Secondly, by developing next-generation reactor system analysis codes, the knowledge (know how) in two phase flow modeling and the highly complex constitutive models will be transferred to the young generation of nuclear engineers. And thirdly, all computer codes have limited shelf life. It becomes less and less cost-effective to maintain a legacy code, due to the fast change of computer hardware and software environment. There are several critical perspectives in terms of developing next-generation reactor system analysis codes: 1) The success of the next-generation codes must be built upon the success of the existing codes. The knowledge of the existing codes, not just simply the manuals and codes, but knowing why and how, must be transferred to the next-generation codes. The next-generation codes should encompass the capability of the existing codes. The shortcomings of existing codes should be identified, understood, and properly categorized, for example into model deficiencies or numerical method deficiencies. 2) State-of-the-art models and numerical methods must be considered to

Perspectives on the development of next generation reactor systems safety analysis codes

Energy Technology Data Exchange (ETDEWEB)

Zhang, H., E-mail: Hongbin.Zhang@inl.gov [Idaho National Laboratory, Idaho Falls, ID (United States)

2015-07-01

'Full text:' Existing reactor system analysis codes, such as RELAP5-3D and TRAC, have gained worldwide success in supporting reactor safety analyses, as well as design and licensing of new reactors. These codes are important assets to the nuclear engineering research community, as well as to the nuclear industry. However, most of these codes were originally developed during the 1970s', and it becomes necessary to develop next-generation reactor system analysis codes for several reasons. Firstly, as new reactor designs emerge, there are new challenges emerging in numerical simulations of reactor systems such as long lasting transients and multi-physics phenomena. These new requirements are beyond the range of applicability of the existing system analysis codes. Advanced modeling and numerical methods must be taken into consideration to improve the existing capabilities. Secondly, by developing next-generation reactor system analysis codes, the knowledge (know how) in two phase flow modeling and the highly complex constitutive models will be transferred to the young generation of nuclear engineers. And thirdly, all computer codes have limited shelf life. It becomes less and less cost-effective to maintain a legacy code, due to the fast change of computer hardware and software environment. There are several critical perspectives in terms of developing next-generation reactor system analysis codes: 1) The success of the next-generation codes must be built upon the success of the existing codes. The knowledge of the existing codes, not just simply the manuals and codes, but knowing why and how, must be transferred to the next-generation codes. The next-generation codes should encompass the capability of the existing codes. The shortcomings of existing codes should be identified, understood, and properly categorized, for example into model deficiencies or numerical method deficiencies. 2) State-of-the-art models and numerical methods must be considered to

Preliminary safety evaluation for CSR1000 with passive safety system

International Nuclear Information System (INIS)

Wu, Pan; Gou, Junli; Shan, Jianqiang; Zhang, Bo; Li, Xiang

2014-01-01

Highlights: • The basic information of a Chinese SCWR concept CSR1000 is introduced. • An innovative passive safety system is proposed for CSR1000. • 6 Transients and 3 accidents are analysed with system code SCTRAN. • The passive safety systems greatly mitigate the consequences of these incidents. • The inherent safety of CSR1000 is enhanced. - Abstract: This paper describes the preliminary safety analysis of the Chinese Supercritical water cooled Reactor (CSR1000), which is proposed by Nuclear Power Institute of China (NPIC). The two-pass core design applied to CSR1000 decreases the fuel cladding temperature and flattens the power distribution of the core at normal operation condition. Each fuel assembly is made up of four sub-assemblies with downward-flow water rods, which is favorable to the core cooling during abnormal conditions due to the large water inventory of the water rods. Additionally, a passive safety system is proposed for CSR1000 to increase the safety reliability at abnormal conditions. In this paper, accidents of “pump seizure”, “loss of coolant flow accidents (LOFA)”, “core depressurization”, as well as some typical transients are analysed with code SCTRAN, which is a one-dimensional safety analysis code for SCWRs. The results indicate that the maximum cladding surface temperatures (MCST), which is the most important safety criterion, of the both passes in the mentioned incidents are all below the safety criterion by a large margin. The sensitivity analyses of the delay time of RCPs trip in “loss of offsite power” and the delay time of RMT actuation in “loss of coolant flowrate” were also included in this paper. The analyses have shown that the core design of CSR1000 is feasible and the proposed passive safety system is capable of mitigating the consequences of the selected abnormalities

The integrated code system CASCADE-3D for advanced core design and safety analysis

International Nuclear Information System (INIS)

Neufert, A.; Van de Velde, A.

1999-01-01

The new program system CASCADE-3D (Core Analysis and Safety Codes for Advanced Design Evaluation) links some of Siemens advanced code packages for in-core fuel management and accident analysis: SAV95, PANBOX/COBRA and RELAP5. Consequently by using CASCADE-3D the potential of modern fuel assemblies and in-core fuel management strategies can be much better utilized because safety margins which had been reduced due to conservative methods are now predicted more accurately. By this innovative code system the customers can now take full advantage of the recent progress in fuel assembly design and in-core fuel management.(author)

Issues affecting advanced passive light-water reactor safety analysis

International Nuclear Information System (INIS)

Beelman, R.J.; Fletcher, C.D.; Modro, S.M.

1992-01-01

Next generation commercial reactor designs emphasize enhanced safety through improved safety system reliability and performance by means of system simplification and reliance on immutable natural forces for system operation. Simulating the performance of these safety systems will be central to analytical safety evaluation of advanced passive reactor designs. Yet the characteristically small driving forces of these safety systems pose challenging computational problems to current thermal-hydraulic systems analysis codes. Additionally, the safety systems generally interact closely with one another, requiring accurate, integrated simulation of the nuclear steam supply system, engineered safeguards and containment. Furthermore, numerical safety analysis of these advanced passive reactor designs wig necessitate simulation of long-duration, slowly-developing transients compared with current reactor designs. The composite effects of small computational inaccuracies on induced system interactions and perturbations over long periods may well lead to predicted results which are significantly different than would otherwise be expected or might actually occur. Comparisons between the engineered safety features of competing US advanced light water reactor designs and analogous present day reactor designs are examined relative to the adequacy of existing thermal-hydraulic safety codes in predicting the mechanisms of passive safety. Areas where existing codes might require modification, extension or assessment relative to passive safety designs are identified. Conclusions concerning the applicability of these codes to advanced passive light water reactor safety analysis are presented

14 CFR 35.15 - Safety analysis.

Science.gov (United States)

2010-01-01

... 14 Aeronautics and Space 1 2010-01-01 2010-01-01 false Safety analysis. 35.15 Section 35.15... STANDARDS: PROPELLERS Design and Construction § 35.15 Safety analysis. (a)(1) The applicant must analyze the.... This analysis will take into account, if applicable: (i) The propeller system in a typical installation...

Development of safety analysis technology for LMR

International Nuclear Information System (INIS)

Hahn, Do Hee; Kwon, Y. M.; Kim, K. D.

2000-05-01

The analysis methodologies as well as the analysis computer code system for the transient, HCDA, and containment performance analyses, which are required for KALIMER safety analyses, have been developed. The SSC-K code has been developed based on SSC-L which is an analysis code for loop type LMR, by improving models necessary for the KALIMER system analysis, and additional models have been added to the code. In addition, HCDA analysis model has been developed and the containment performance analysis code has been also improved. The preliminary basis for the safety analysis has been established, and the preliminary safety analyses for the key design features have been performed. In addition, a state-of-art analysis for LMR PSA and overseas safety and licensing requirements have been reviewed. The design database for the systematic management of the design documents as well as design processes has been established as well

Development of safety analysis technology for LMR

Energy Technology Data Exchange (ETDEWEB)

Hahn, Do Hee; Kwon, Y. M.; Kim, K. D. [and others

2000-05-01

The analysis methodologies as well as the analysis computer code system for the transient, HCDA, and containment performance analyses, which are required for KALIMER safety analyses, have been developed. The SSC-K code has been developed based on SSC-L which is an analysis code for loop type LMR, by improving models necessary for the KALIMER system analysis, and additional models have been added to the code. In addition, HCDA analysis model has been developed and the containment performance analysis code has been also improved. The preliminary basis for the safety analysis has been established, and the preliminary safety analyses for the key design features have been performed. In addition, a state-of-art analysis for LMR PSA and overseas safety and licensing requirements have been reviewed. The design database for the systematic management of the design documents as well as design processes has been established as well.

Ignalina Safety Analysis Group's report for the year 1998

International Nuclear Information System (INIS)

Uspuras, E.; Augutis, J.; Bubelis, E.; Cesna, B.; Kaliatka, A.

1999-02-01

Results of Ignalina NPP Safety Analysis Group's research are presented. The main fields of group's activities in 1998 were following: safety analysis of reactor's cooling system, safety analysis of accident localization system, investigation of the problem graphite - fuel channel, reactor core modelling, assistance to the regulatory body VATESI in drafting regulations and reviewing safety reports presented by Ignalina NPP during the process of licensing of unit 1

Safety Analysis of Stochastic Dynamical Systems

DEFF Research Database (Denmark)

Sloth, Christoffer; Wisniewski, Rafael

2015-01-01

This paper presents a method for verifying the safety of a stochastic system. In particular, we show how to compute the largest set of initial conditions such that a given stochastic system is safe with probability p. To compute the set of initial conditions we rely on the moment method that via...... that shows how the p-safe initial set is computed numerically....

Safety analysis of RSG-GAS Silicide core using one line cooling system

International Nuclear Information System (INIS)

Endiah-Puji-Hastuti

2003-01-01

In the frame of minimizing the operation-cost, operation mode using one line cooling system is being evaluated. Maximum reactor has been determined and to continuing this program, steady state and transient analysis were done. The analysis was done by means of a core thermal hydraulic code, COOLOD-N, and PARET. The codes solves core thermal hydraulic equation at steady state conditions and transient, respectively. By using silicide core data and coast down flow rate as the input, thermal hydraulics parameters such as fuel cladding and fuel meat temperatures as well as safety margin against flow instability were calculated. Imposing the safety criteria to the results of steady state and transient analysis, maximum permissible power for this operation was obtained as much as 17.1 MW

Status and topics of thermal-hydraulic analysis for next-generation LWRs with passive safety systems

International Nuclear Information System (INIS)

Aritomi, Masanori; Ohnuki, Akira; Arai, Kenji; Kikuta, Michitaka; Yonomoto, Taisuke; Araya, Fumimasa; Akimoto, Hajime

1999-01-01

For increasing of electric power demand and reducing of carbon dioxide exhaust in the 21st century, studies of the next-generation light water reactor (LWR) with passive safety systems are developing in the world: AP-600 (by Westing House Co.); SBWR (by General Electric Co.); SWR1000 (by Siemens Co.); NP21 (by Mitsubishi Heavy Industry Co., et al.); JPSR (by JAERI). The passive equipment using natural circulation and natural convection are installed in the passive safety system, instead of active safety equipment, such as pumps, etc. It remains still as a important issue, however, to verify the reliability on the functions of the passive equipment, since that the driving forces of the passive equipment are small at comparison with the active safety equipment. The various subjects of thermal-hydraulic analysis for the next-generation light water reactors, such as temperature stratification in the passive safety systems, vapor condensation in the mixture of non-condensable gases and the interactions of the passive safety system with the primary cooling system, are illustrated and discussed in the paper. (M. Suetake)

Probabilistic safety assessment of Tehran Research Reactor using systems analysis programs for hands-on integrated reliability evaluations

International Nuclear Information System (INIS)

Hosseini, M.H.; Nematollahi, M.R.; Sepanloo, K.

2004-01-01

Probabilistic safety assessment application is found to be a practical tool for research reactor safety due to intense involvement of human interactions in an experimental facility. In this document the application of the probabilistic safety assessment to the Tehran Research Reactor is presented. The level 1 practicabilities safety assessment application involved: Familiarization with the plant, selection of accident initiators, mitigating functions and system definitions, event tree constructions and quantifications, fault tree constructions and quantification, human reliability, component failure data base development and dependent failure analysis. Each of the steps of the analysis given above is discussed with highlights from the selected results. Quantification of the constructed models is done using systems analysis programs for hands-on integrated reliability evaluations software

Safety analysis report for packaging (onsite) sample pig transport system

International Nuclear Information System (INIS)

MCCOY, J.C.

1999-01-01

This Safety Analysis Report for Packaging (SARP) provides a technical evaluation of the Sample Pig Transport System as compared to the requirements of the U.S. Department of Energy, Richland Operations Office (RL) Order 5480.1, Change 1, Chapter III. The evaluation concludes that the package is acceptable for the onsite transport of Type B, fissile excepted radioactive materials when used in accordance with this document

Safety analysis report for packaging (onsite) sample pig transport system

Energy Technology Data Exchange (ETDEWEB)

MCCOY, J.C.

1999-03-16

This Safety Analysis Report for Packaging (SARP) provides a technical evaluation of the Sample Pig Transport System as compared to the requirements of the U.S. Department of Energy, Richland Operations Office (RL) Order 5480.1, Change 1, Chapter III. The evaluation concludes that the package is acceptable for the onsite transport of Type B, fissile excepted radioactive materials when used in accordance with this document.

Software system safety

Science.gov (United States)

Uber, James G.

1988-01-01

Software itself is not hazardous, but since software and hardware share common interfaces there is an opportunity for software to create hazards. Further, these software systems are complex, and proven methods for the design, analysis, and measurement of software safety are not yet available. Some past software failures, future NASA software trends, software engineering methods, and tools and techniques for various software safety analyses are reviewed. Recommendations to NASA are made based on this review.

Preliminary thermal-hydraulic and safety analysis of China DFLL-TBM system

Energy Technology Data Exchange (ETDEWEB)

Li, Wei [School of Nuclear Science and Technology, Xi’an Jiaotong University, No. 28, Xianning West Road, Xi’an, Shanxi 710049 (China); Tian, Wenxi, E-mail: wxtian@mail.xjtu.edu.cn [School of Nuclear Science and Technology, Xi’an Jiaotong University, No. 28, Xianning West Road, Xi’an, Shanxi 710049 (China); Qiu, Suizheng; Su, Guanghui; Jiao, Hong [School of Nuclear Science and Technology, Xi’an Jiaotong University, No. 28, Xianning West Road, Xi’an, Shanxi 710049 (China); Bai, Yunqing; Chen, Hongli [Institute of Nuclear Energy Safety Technology, Chinese Academy of Sciences, Hefei, Anhui 230031 (China); Wu, Yican, E-mail: yican.Wu@Fds.Org.Cn [Institute of Nuclear Energy Safety Technology, Chinese Academy of Sciences, Hefei, Anhui 230031 (China)

2013-06-15

Highlights: • Thermal-hydraulic and safety analysis on DFLL-TBM system is performed. • The TBM FW maximum temperature is 541 °C under steady state condition. • The TBM FW maximum temperature does not exceed the melt point of CLAM steel 1500 °C. • Neither the VV pressurization nor vault pressure build-up goes beyond 0.2 MPa. -- Abstract: China has proposed the dual-functional lithium-lead (DFLL) tritium breeding blanket concept for testing in ITER as a test blanket module (TBM), to demonstrate the technologies of tritium self-sufficiency, high-grade heat extraction and efficient electricity production which are needed for DEMO and fusion power plant. Safety assessment of the TBM and its auxiliary system should be conducted to deal with ITER safety issues directly caused by the TBM system failure during the design process. In this work, three potential initial events (PIEs) – in-vessel loss of helium (He) coolant and ex-vessel loss of He coolant and loss of flow without scram (LOFWS) – were analyzed for the TBM system with a modified version of the RELAP5/MOD3 code containing liquid lithium-lead eutectic (LiPb). The code also comprised an empirical expression for MHD pressure drop relevant to three-dimensional (3D) effect, the Lubarsky–Kaufman convective heat transfer correlation for LiPb flow and the Gnielinski convective heat transfer correlation for He flow. Since both LiPb and He serve as TBM coolants, the LiPb and He ancillary cooling systems were modeled to investigate the thermal-hydraulic characteristic of the TBM system and its influence on ITER safety under those accident conditions. The TBM components and the coolants flow within the TBM were simulated with one-dimensional heat structures and their associated hydrodynamic components. ITER enclosures including vacuum vessel (VV), port cell and TCWS vault were also covered in the model for accident analyses. Through this best estimate approach, the calculation indicated that the current

Intermediate probabilistic safety assessment approach for safety critical digital systems

International Nuclear Information System (INIS)

Taeyong, Sung; Hyun Gook, Kang

2001-01-01

Even though the conventional probabilistic safety assessment methods are immature for applying to microprocessor-based digital systems, practical needs force to apply it. In the Korea, UCN 5 and 6 units are being constructed and Korean Next Generation Reactor is being designed using the digital instrumentation and control equipment for the safety related functions. Korean regulatory body requires probabilistic safety assessment. This paper analyzes the difficulties on the assessment of digital systems and suggests an intermediate framework for evaluating their safety using fault tree models. The framework deals with several important characteristics of digital systems including software modules and fault-tolerant features. We expect that the analysis result will provide valuable design feedback. (authors)

SCALE system cross-section validation for criticality safety analysis

International Nuclear Information System (INIS)

Hathout, A.M.; Westfall, R.M.; Dodds, H.L. Jr.

1980-01-01

The purpose of this study is to test selected data from three cross-section libraries for use in the criticality safety analysis of UO 2 fuel rod lattices. The libraries, which are distributed with the SCALE system, are used to analyze potential criticality problems which could arise in the industrial fuel cycle for PWR and BWR reactors. Fuel lattice criticality problems could occur in pool storage, dry storage with accidental moderation, shearing and dissolution of irradiated elements, and in fuel transport and storage due to inadequate packing and shipping cask design. The data were tested by using the SCALE system to analyze 25 recently performed critical experiments

Nitrogen-system safety study: Portsmouth Gaseous Diffusion Plant

International Nuclear Information System (INIS)

1982-07-01

The Department of Energy has primary responsibility for the safety of operations at DOE-owned nuclear facilities. The guidelines for the analysis of credible accidents are outlined in DOE Order 5481.1. DOE has requested that existing plant facilities and operations be reviewed for potential safety problems not covered by standard industrial safety procedures. This review is being conducted by investigating individual facilities and documenting the results in Safety Study Reports which will be compiled to form the Existing Plant Final Safety Analysis Report which is scheduled for completion in September, 1984. This Safety Study documents the review of the Plant Nitrogen System facilities and operations and consists of Section 4.0, Facility and Process Description, and Section 5.0, Accident Analysis, of the Final Safety Analysis Report format. The existing nitrogen system consists of a Superior Air Products Company Type D Nitrogen Plant, nitrogen storage facilities, vaporization facilities and a distribution system. The system is designed to generate and distribute nitrogen gas used in the cascade for seal feed, buffer systems, and for servicing equipment when exceptionally low dew points are required. Gaseous nitrogen is also distributed to various process auxiliary buildings. The average usage is approximately 130,000 standard cubic feet per day

Software Quality Assurance for Nuclear Safety Systems

International Nuclear Information System (INIS)

Sparkman, D R; Lagdon, R

2004-01-01

The US Department of Energy has undertaken an initiative to improve the quality of software used to design and operate their nuclear facilities across the United States. One aspect of this initiative is to revise or create new directives and guides associated with quality practices for the safety software in its nuclear facilities. Safety software includes the safety structures, systems, and components software and firmware, support software and design and analysis software used to ensure the safety of the facility. DOE nuclear facilities are unique when compared to commercial nuclear or other industrial activities in terms of the types and quantities of hazards that must be controlled to protect workers, public and the environment. Because of these differences, DOE must develop an approach to software quality assurance that ensures appropriate risk mitigation by developing a framework of requirements that accomplishes the following goals: (sm b ullet) Ensures the software processes developed to address nuclear safety in design, operation, construction and maintenance of its facilities are safe (sm b ullet) Considers the larger system that uses the software and its impacts (sm b ullet) Ensures that the software failures do not create unsafe conditions Software designers for nuclear systems and processes must reduce risks in software applications by incorporating processes that recognize, detect, and mitigate software failure in safety related systems. It must also ensure that fail safe modes and component testing are incorporated into software design. For nuclear facilities, the consideration of risk is not necessarily sufficient to ensure safety. Systematic evaluation, independent verification and system safety analysis must be considered for software design, implementation, and operation. The software industry primarily uses risk analysis to determine the appropriate level of rigor applied to software practices. This risk-based approach distinguishes safety

Safety analysis report for packaging (onsite) doorstop samplecarrier system

Energy Technology Data Exchange (ETDEWEB)

Obrien, J.H.

1997-02-24

The Doorstop Sample Carrier System consists of a Type B certified N-55 overpack, U.S. Department of Transportation (DOT) specification or performance-oriented 208-L (55-gal) drum (DOT 208-L drum), and Doorstop containers. The purpose of the Doorstop Sample Carrier System is to transport samples onsite for characterization. This safety analysis report for packaging (SARP) provides the analyses and evaluation necessary to demonstrate that the Doorstop Sample Carrier System meets the requirements and acceptance criteria for both Hanford Site normal transport conditions and accident condition events for a Type B package. This SARP also establishes operational, acceptance, maintenance, and quality assurance (QA) guidelines to ensure that the method of transport for the Doorstop Sample Carrier System is performed safely in accordance with WHC-CM-2-14, Hazardous Material Packaging and Shipping.

Safety-critical Java for embedded systems

DEFF Research Database (Denmark)

Schoeberl, Martin; Dalsgaard, Andreas Engelbredt; Hansen, René Rydhof

2016-01-01

This paper presents the motivation for and outcomes of an engineering research project on certifiable Javafor embedded systems. The project supports the upcoming standard for safety-critical Java, which defines asubset of Java and libraries aiming for development of high criticality systems....... The outcome of this projectinclude prototype safety-critical Java implementations, a time-predictable Java processor, analysis tools formemory safety, and example applications to explore the usability of safety-critical Java for this applicationarea. The text summarizes developments and key contributions...

Ignalina Safety Analysis Group

International Nuclear Information System (INIS)

Ushpuras, E.

1995-01-01

The article describes the fields of activities of Ignalina NPP Safety Analysis Group (ISAG) in the Lithuanian Energy Institute and overview the main achievements gained since the group establishment in 1992. The group is working under the following guidelines: in-depth analysis of the fundamental physical processes of RBMK-1500 reactors; collection, systematization and verification of the design and operational data; simulation and analysis of potential accident consequences; analysis of thermohydraulic and neutronic characteristics of the plant; provision of technical and scientific consultations to VATESI, Governmental authorities, and also international institutions, participating in various projects aiming at Ignalina NPP safety enhancement. The ISAG is performing broad scientific co-operation programs with both Eastern and Western scientific groups, supplying engineering assistance for Ignalina NPP. ISAG is also participating in the joint Lithuanian - Swedish - Russian project - Barselina, the first Probabilistic Safety Assessment (PSA) study of Ignalina NPP. The work is underway together with Maryland University (USA) for assessment of the accident confinement system for a range of breaks in the primary circuit. At present the ISAG personnel is also involved in the project under the grant from the Nuclear Safety Account, administered by the European Bank for reconstruction and development for the preparation and review of an in-depth safety assessment of the Ignalina plant

NPP Temelin safety analysis reports and PSA status

International Nuclear Information System (INIS)

Mlady, O.

1999-01-01

To enhance the safety level of Temelin NPP, recommendations of the international reviews were implemented into the design as well as into organization of the plant construction and preparation for operation. The safety assessment of these design changes has been integrated and reflected in the Safety Analysis Reports, which follow the internationally accepted guidelines. All safety analyses within Safety Analysis Reports were repeated carefully considering technical improvements and replacements to complement preliminary safety documentation. These analyses were performed by advanced western computer codes to the depth and in the structure required by western standards. The Temelin NPP followed a systematic approach in the functional design of the Reactor Protection System and related safety analyses. Modifications of reactor protection system increase defense in depth and facilitate demonstrating that LOCA and radiological limits are met for non-LOCA events. The rigorous safety analysis methodology provides assurance that LOCA and radiological limits are met. Established and accepted safety analysis methodology and accepted criteria were applied to Temelin NPP meeting US NRC and Czech Republic requirements. IAEA guidelines and recommendations

Qualification of safety-critical software for digital reactor safety system in nuclear power plants

International Nuclear Information System (INIS)

Kwon, Kee-Choon; Park, Gee-Yong; Kim, Jang-Yeol; Lee, Jang-Soo

2013-01-01

This paper describes the software qualification activities for the safety-critical software of the digital reactor safety system in nuclear power plants. The main activities of the software qualification processes are the preparation of software planning documentations, verification and validation (V and V) of the software requirements specifications (SRS), software design specifications (SDS) and codes, and the testing of the integrated software and integrated system. Moreover, the software safety analysis and software configuration management are involved in the software qualification processes. The V and V procedure for SRS and SDS contains a technical evaluation, licensing suitability evaluation, inspection and traceability analysis, formal verification, software safety analysis, and an evaluation of the software configuration management. The V and V processes for the code are a traceability analysis, source code inspection, test case and test procedure generation. Testing is the major V and V activity of the software integration and system integration phases. The software safety analysis employs a hazard operability method and software fault tree analysis. The software configuration management in each software life cycle is performed by the use of a nuclear software configuration management tool. Through these activities, we can achieve the functionality, performance, reliability, and safety that are the major V and V objectives of the safety-critical software in nuclear power plants. (author)

From Safety Analysis to Formal Specification

DEFF Research Database (Denmark)

Hansen, Kirsten Mark; Ravn, Anders P.; Stavridou, Victoria

1998-01-01

Software for safety critical systems must deal with the hazards identified bysafety analysis. This paper investigates, how the results of onesafety analysis technique, fault trees, are interpreted as software safetyrequirements to be used in the program design process. We propose thatfault tree...... analysis and program development use the samesystem model. This model is formalized in areal-time, interval logic, based on a conventional dynamic systems modelwith state evolving over time. Fault trees are interpreted astemporal formulas, and it is shown how such formulas can be usedfor deriving safety...

Reliability analysis of the reconstructed safety systems of the Kozloduy-2 WWER-440/V-230 reactor

Energy Technology Data Exchange (ETDEWEB)

Kalchev, B [Energoproekt, Sofia (Bulgaria)

1996-12-31

The Unit 2 of the Kozloduy NPP started operations in 1975. As it is designed according to safety standards of the middle sixties, it needs reconstruction in order to prolong its operational life up to the design age of 30 years, in agreement with the increased safety requirements in Bulgaria. The reliability analyses of front line systems of the unit are performed to this end. The approach taken in the study is the fault tree methodology to determine the unavailability of each system. Common mode failures are considered for the pumps and valves using the beta factor method. The mission time for each system is 24 hours and the test period is 720 hours. Support systems and human errors are also included. All the systems control and instrumentation signals are modelled explicitly in the fault trees. The generic IDEA reliability data base is used for all quantifications. The initiating events that would require the system operation are presented and on this basis the thermohydraulic analysis success criteria for each system are determined. The code for probabilistic safety assessment PSAPACK is used. Fault trees for the following front line safety systems are constructed: the high pressure injection system, the spray system and the auxiliary feed water system. The analysis consider some proposed decisions for reconstruction. The results show that the reliability of these systems has increased after reconstruction and the safety has been upgraded. This decrease the core damage frequency from 3.53E{sup -3}, 1/RY to 1.07E{sup -3}, 1/RY. 5 refs., 2 tabs., 5 figs.

Reliability analysis of the reconstructed safety systems of the Kozloduy-2 WWER-440/V-230 reactor

International Nuclear Information System (INIS)

Kalchev, B.

1995-01-01

The Unit 2 of the Kozloduy NPP started operations in 1975. As it is designed according to safety standards of the middle sixties, it needs reconstruction in order to prolong its operational life up to the design age of 30 years, in agreement with the increased safety requirements in Bulgaria. The reliability analyses of front line systems of the unit are performed to this end. The approach taken in the study is the fault tree methodology to determine the unavailability of each system. Common mode failures are considered for the pumps and valves using the beta factor method. The mission time for each system is 24 hours and the test period is 720 hours. Support systems and human errors are also included. All the systems control and instrumentation signals are modelled explicitly in the fault trees. The generic IDEA reliability data base is used for all quantifications. The initiating events that would require the system operation are presented and on this basis the thermohydraulic analysis success criteria for each system are determined. The code for probabilistic safety assessment PSAPACK is used. Fault trees for the following front line safety systems are constructed: the high pressure injection system, the spray system and the auxiliary feed water system. The analysis consider some proposed decisions for reconstruction. The results show that the reliability of these systems has increased after reconstruction and the safety has been upgraded. This decrease the core damage frequency from 3.53E -3 , 1/RY to 1.07E -3 , 1/RY. 5 refs., 2 tabs., 5 figs

Preliminary systems-interaction results from the Digraph Matrix Analysis of the Watts Bar Nuclear Power Plant safety-injection systems

International Nuclear Information System (INIS)

Sacks, I.J.; Ashmore, B.C.; Champney, J.M.; Alesso, H.P.

1983-06-01

This report provides preliminary results generated by a Digraph Matrix Analysis (DMA) for a Systems Interaction analysis performed on the Safety Injection System of the Tennessee Valley Authority Watts Bar Nuclear Power Plant. An overview of DMA is provided along with a brief description of the computer codes used in DMA

STARS software tool for analysis of reliability and safety

International Nuclear Information System (INIS)

Poucet, A.; Guagnini, E.

1989-01-01

This paper reports on the STARS (Software Tool for the Analysis of Reliability and Safety) project aims at developing an integrated set of Computer Aided Reliability Analysis tools for the various tasks involved in systems safety and reliability analysis including hazard identification, qualitative analysis, logic model construction and evaluation. The expert system technology offers the most promising perspective for developing a Computer Aided Reliability Analysis tool. Combined with graphics and analysis capabilities, it can provide a natural engineering oriented environment for computer assisted reliability and safety modelling and analysis. For hazard identification and fault tree construction, a frame/rule based expert system is used, in which the deductive (goal driven) reasoning and the heuristic, applied during manual fault tree construction, is modelled. Expert system can explain their reasoning so that the analyst can become aware of the why and the how results are being obtained. Hence, the learning aspect involved in manual reliability and safety analysis can be maintained and improved

Reliability analysis of repairable safety systems of a reprocessing plant allowing for tolerable system downtimes

International Nuclear Information System (INIS)

Schaefer, H.

1987-01-01

GRS has been engaged in safety analysises of the German Reprocessing Plant for several years. The development and verification of appropriate reliability analysis methods, the generation of data as well as the search for an adequate structural presentation of the results to form a basis of recommendations for technical or administrative measures or contributions to risk oriented evaluations have been or are in the process of being established. In contrast to NPP-studies, the reliability assessment of safety systems of a reprocessing plant is applied to repairable and often relatively small systems allowing for tolerable system downtimes. A sketch of the diverse cooling systems of a vessel containing a selfheating solution is given. The interruption of the cooling function for about one day might be tolerable before boiling will be reached. This interval is suitable for transfer of the solution to a spare vessel or for repairing the failed components, thus restoring the cooling function

Operation safety of control systems. Principles and methods

International Nuclear Information System (INIS)

Aubry, J.F.; Chatelet, E.

2008-01-01

This article presents the main operation safety methods that can be implemented to design safe control systems taking into account the behaviour of the different components with each other (binary 'operation/failure' behaviours, non-consistent behaviours and 'hidden' failures, dynamical behaviours and temporal aspects etc). To take into account these different behaviours, advanced qualitative and quantitative methods have to be used which are described in this article: 1 - qualitative methods of analysis: functional analysis, preliminary risk analysis, failure mode and failure effects analyses; 2 - quantitative study of systems operation safety: binary representation models, state space-based methods, event space-based methods; 3 - application to the design of control systems: safe specifications of a control system, qualitative analysis of operation safety, quantitative analysis, example of application; 4 - conclusion. (J.S.)

Plant air systems safety study: Portsmouth Gaseous Diffusion Plant

International Nuclear Information System (INIS)

1982-05-01

The Portsmouth Gaseous Diffusion Plant Air System facilities and operations are reviewed for potential safety problems not covered by standard industrial safety procedures. Information is presented under the following section headings: facility and process description (general); air plant equipment; air distribution system; safety systems; accident analysis; plant air system safety overview; and conclusion

A framework for the system-of-systems analysis of the risk for a safety-critical plant exposed to external events

International Nuclear Information System (INIS)

Zio, E.; Ferrario, E.

2013-01-01

We consider a critical plant exposed to risk from external events. We propose an original framework of analysis, which extends the boundaries of the study to the interdependent infrastructures which support the plant. For the purpose of clearly illustrating the conceptual framework of system-of-systems analysis, we work out a case study of seismic risk for a nuclear power plant embedded in the connected power and water distribution, and transportation networks which support its operation. The technical details of the systems considered (including the nuclear power plant) are highly simplified, in order to preserve the purpose of illustrating the conceptual, methodological framework of analysis. Yet, as an example of the approaches that can be used to perform the analysis within the proposed framework, we consider the Muir Web as system analysis tool to build the system-of-systems model and Monte Carlo simulation for the quantitative evaluation of the model. The numerical exercise, albeit performed on a simplified case study, serves the purpose of showing the opportunity of accounting for the contribution of the interdependent infrastructure systems to the safety of a critical plant. This is relevant as it can lead to considerations with respect to the decision making related to safety critical-issues. -- Highlights: ► We consider a critical plant exposed to risk from external events. ► We consider also the interdependent infrastructures that support the plant. ► We use Muir Web as system analysis tool to build the system-of-systems model. ► We use Monte Carlo simulation for the quantitative evaluation of the model. ► We find that the interdependent infrastructures should be considered as they can be a support for the critical plant safety

The PSA of safety-critical digital I and C system: the determination of important factors and sensitivity analysis

International Nuclear Information System (INIS)

Kang, H. G.; Sung, T. Y.; Eom, H. S.; Jeong, H. S.; Park, J. K.; Lee, K. Y.; Park, J. K.

2002-01-01

This report is prepared to suggest a practical Probabilistic Safety Assessment (PSA) methodology of safety-critical digital instrumentation and control (I and C) systems. Even though conventional probabilistic safety assessment methods are immature for applying to microprocessor-based digital systems, practical needs force to apply it because the result of probabilistic safety assessment plays very important role in proving the safety of a designed system. Microprocessors and software technologies make the digital system very complex and hard to analyze the safety of their applications. The aim of this is: (1) To summarize the factors which should be represented by the model for probabilistic safety assessment and to propose a standpoint of evaluation for digital systems. (2) To quantitatively presents the results of a mathematical case study which examines the analysis framework of the safety of digital systems in the context of the PSA. (3) To show the results of a sensitivity study for some critical factors

Probabilistic Safety Assessment: An Effective Tool to Support “Systemic Approach” to Nuclear Safety and Analysis of Human and Organizational Aspects

International Nuclear Information System (INIS)

Kuzmina, I.

2016-01-01

The Probabilistic Safety Assessment (PSA) represents a comprehensive conceptual and analytical tool for quantitative evaluation of risk of undesirable consequences from nuclear facilities and drawing on qualitative insights for nuclear safety. PSA considers various technical, human, and organizational factors in an integral manner thus explicitly pursuing a true ‘systemic approach’ to safety and enabling holistic insights for further safety improvement. Human Reliability Analysis (HRA) is one of the major tasks within PSA. The poster paper provides an overview of the objectives and scope of PSA and HRA and discusses on further needs in the area of HRA. (author)

Analysis of developed transition road safety barrier systems.

Science.gov (United States)

Soltani, Mehrtash; Moghaddam, Taher Baghaee; Karim, Mohamed Rehan; Sulong, N H Ramli

2013-10-01

Road safety barriers protect vehicles from roadside hazards by redirecting errant vehicles in a safe manner as well as providing high levels of safety during and after impact. This paper focused on transition safety barrier systems which were located at the point of attachment between a bridge and roadside barriers. The aim of this study was to provide an overview of the behavior of transition systems located at upstream bridge rail with different designs and performance levels. Design factors such as occupant risk and vehicle trajectory for different systems were collected and compared. To achieve this aim a comprehensive database was developed using previous studies. The comparison showed that Test 3-21, which is conducted by impacting a pickup truck with speed of 100 km/h and angle of 25° to transition system, was the most severe test. Occupant impact velocity and ridedown acceleration for heavy vehicles were lower than the amounts for passenger cars and pickup trucks, and in most cases higher occupant lateral impact ridedown acceleration was observed on vehicles subjected to higher levels of damage. The best transition system was selected to give optimum performance which reduced occupant risk factors using the similar crashes in accordance with Test 3-21. Copyright © 2013 Elsevier Ltd. All rights reserved.

Statistical considerations on safety analysis

International Nuclear Information System (INIS)

Pal, L.; Makai, M.

2004-01-01

The authors have investigated the statistical methods applied to safety analysis of nuclear reactors and arrived at alarming conclusions: a series of calculations with the generally appreciated safety code ATHLET were carried out to ascertain the stability of the results against input uncertainties in a simple experimental situation. Scrutinizing those calculations, we came to the conclusion that the ATHLET results may exhibit chaotic behavior. A further conclusion is that the technological limits are incorrectly set when the output variables are correlated. Another formerly unnoticed conclusion of the previous ATHLET calculations that certain innocent looking parameters (like wall roughness factor, the number of bubbles per unit volume, the number of droplets per unit volume) can influence considerably such output parameters as water levels. The authors are concerned with the statistical foundation of present day safety analysis practices and can only hope that their own misjudgment will be dispelled. Until then, the authors suggest applying correct statistical methods in safety analysis even if it makes the analysis more expensive. It would be desirable to continue exploring the role of internal parameters (wall roughness factor, steam-water surface in thermal hydraulics codes, homogenization methods in neutronics codes) in system safety codes and to study their effects on the analysis. In the validation and verification process of a code one carries out a series of computations. The input data are not precisely determined because measured data have an error, calculated data are often obtained from a more or less accurate model. Some users of large codes are content with comparing the nominal output obtained from the nominal input, whereas all the possible inputs should be taken into account when judging safety. At the same time, any statement concerning safety must be aleatory, and its merit can be judged only when the probability is known with which the

Safety analysis procedures for PHWR

International Nuclear Information System (INIS)

Min, Byung Joo; Kim, Hyoung Tae; Yoo, Kun Joong

2004-03-01

The methodology of safety analyses for CANDU reactors in Canada, a vendor country, uses a combination of best-estimate physical models and conservative input parameters so as to minimize the uncertainty of the plant behavior predictions. As using the conservative input parameters, the results of the safety analyses are assured the regulatory requirements such as the public dose, the integrity of fuel and fuel channel, the integrity of containment and reactor structures, etc. However, there is not the comprehensive and systematic procedures for safety analyses for CANDU reactors in Korea. In this regard, the development of the safety analyses procedures for CANDU reactors is being conducted not only to establish the safety analyses system, but also to enhance the quality assurance of the safety assessment. In the first phase of this study, the general procedures of the deterministic safety analyses are developed. The general safety procedures are covered the specification of the initial event, selection of the methodology and accident sequences, computer codes, safety analysis procedures, verification of errors and uncertainties, etc. Finally, These general procedures of the safety analyses are applied to the Large Break Loss Of Coolant Accident (LBLOCA) in Final Safety Analysis Report (FSAR) for Wolsong units 2, 3, 4

Safety Justification and Safety Case for Safety-critical Software in Digital Reactor Protection System

International Nuclear Information System (INIS)

Kwon, Kee-Choon; Lee, Jang-Soo; Jee, Eunkyoung

2016-01-01

Nuclear safety-critical software is under strict regulatory requirements and these regulatory requirements are essential for ensuring the safety of nuclear power plants. The verification & validation (V and V) and hazard analysis of the safety-critical software are required to follow regulatory requirements through the entire software life cycle. In order to obtain a license from the regulatory body through the development and validation of safety-critical software, it is essential to meet the standards which are required by the regulatory body throughout the software development process. Generally, large amounts of documents, which demonstrate safety justification including standard compliance, V and V, hazard analysis, and vulnerability assessment activities, are submitted to the regulatory body during the licensing process. It is not easy to accurately read and evaluate the whole documentation for the development activities, implementation technology, and validation activities. The safety case methodology has been kwon a promising approach to evaluate the level and depth of the development and validation results. A safety case is a structured argument, supported by a body of evidence that provides a compelling, comprehensible, and valid case that a system is safe for a given application in a given operating environment. It is suggested to evaluate the level and depth of the results of development and validation by applying safety case methodology to achieve software safety demonstration. A lot of documents provided as evidence are connected to claim that corresponds to the topic for safety demonstration. We demonstrated a case study in which more systematic safety demonstration for the target system software is performed via safety case construction than simply listing the documents

Safety Justification and Safety Case for Safety-critical Software in Digital Reactor Protection System

Energy Technology Data Exchange (ETDEWEB)

Kwon, Kee-Choon; Lee, Jang-Soo [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of); Jee, Eunkyoung [KAIST, Daejeon (Korea, Republic of)

2016-10-15

Nuclear safety-critical software is under strict regulatory requirements and these regulatory requirements are essential for ensuring the safety of nuclear power plants. The verification & validation (V and V) and hazard analysis of the safety-critical software are required to follow regulatory requirements through the entire software life cycle. In order to obtain a license from the regulatory body through the development and validation of safety-critical software, it is essential to meet the standards which are required by the regulatory body throughout the software development process. Generally, large amounts of documents, which demonstrate safety justification including standard compliance, V and V, hazard analysis, and vulnerability assessment activities, are submitted to the regulatory body during the licensing process. It is not easy to accurately read and evaluate the whole documentation for the development activities, implementation technology, and validation activities. The safety case methodology has been kwon a promising approach to evaluate the level and depth of the development and validation results. A safety case is a structured argument, supported by a body of evidence that provides a compelling, comprehensible, and valid case that a system is safe for a given application in a given operating environment. It is suggested to evaluate the level and depth of the results of development and validation by applying safety case methodology to achieve software safety demonstration. A lot of documents provided as evidence are connected to claim that corresponds to the topic for safety demonstration. We demonstrated a case study in which more systematic safety demonstration for the target system software is performed via safety case construction than simply listing the documents.

Integrated framework for dynamic safety analysis

International Nuclear Information System (INIS)

Kim, Tae Wan; Karanki, Durga R.

2012-01-01

In the conventional PSA (Probabilistic Safety Assessment), detailed plant simulations by independent thermal hydraulic (TH) codes are used in the development of accident sequence models. Typical accidents in a NPP involve complex interactions among process, safety systems, and operator actions. As independent TH codes do not have the models of operator actions and full safety systems, they cannot literally simulate the integrated and dynamic interactions of process, safety systems, and operator responses. Offline simulation with pre decided states and time delays may not model the accident sequences properly. Moreover, when stochastic variability in responses of accident models is considered, defining all the combinations for simulations will be cumbersome task. To overcome some of these limitations of conventional safety analysis approach, TH models are coupled with the stochastic models in the dynamic event tree (DET) framework, which provides flexibility to model the integrated response due to better communication as all the accident elements are in the same model. The advantages of this framework also include: Realistic modeling in dynamic scenarios, comprehensive results, integrated approach (both deterministic and probabilistic models), and support for HRA (Human Reliability Analysis)

A study on optimization of the nuclear safety system

International Nuclear Information System (INIS)

Lee, Sang Hoon; Koh, Byung Joon; Kim, Jin Soo; Kim, Byoung Do; Cho, Seong Won; Kwon, Seog Kwon; Choi, Kwang Sik

1986-12-01

The number of nuclear facilities (nuclear power plants, research reactors, nuclear fuel facilities) under construction or in operation in Korea continues to increase and this has brought about increased importance and concerns toward nuclear safety in Korea. Also, domestic nuclear related organizations are increasingly carrying out the design/construction of nuclear power plants and the development /supply of nuclear fuels. In order to flexibly respond to these changes and to suggest direction to take, it is necessary to re-examine the current nuclear safety regulation system. This study is carried out in two stages and this report describes the results of the analysis and the assessment of the nuclear licencing system of such foreign countries as sweden and German, as the first of the two. In this regard, this study includes the analysis on the backgrounds on the choice of nuclear licensing system, the analysis on the licensing procedures, the analysis on the safety inspection system and the enforcement laws, the analysis on the structure and function of the regulatory, business and research organizations as well as the analysis on the relationship between the safety research and the regulatory duties. In this study, the German safety inspection system and the enforcement procedures and the Swedish nuclear licensing system are analyzed in detail. By comparing and assessing the finding with the current Korea Nuclear Licensing System, this study points out some reform measures of the Korean system that needs to improved. With the changing situations in mind, this study aims to develop the nuclear safety regulation system optimized for Korean situation by re-examining the current regulation system. (Author)

Implementation of a patient safety program at a tertiary health system: A longitudinal analysis of interventions and serious safety events.

Science.gov (United States)

Cropper, Douglas P; Harb, Nidal H; Said, Patricia A; Lemke, Jon H; Shammas, Nicolas W

2018-04-01

We hypothesize that implementation of a safety program based on high reliability organization principles will reduce serious safety events (SSE). The safety program focused on 7 essential elements: (a) safety rounding, (b) safety oversight teams, (c) safety huddles, (d) safety coaches, (e) good catches/safety heroes, (f) safety education, and (g) red rule. An educational curriculum was implemented focusing on changing high-risk behaviors and implementing critical safety policies. All unusual occurrences were captured in the Midas system and investigated by risk specialists, the safety officer, and the chief medical officer. A multidepartmental committee evaluated these events, and a root cause analysis (RCA) was performed. Events were tabulated and serious safety event (SSE) recorded and plotted over time. Safety success stories (SSSs) were also evaluated over time. A steady drop in SSEs was seen over 9 years. Also a rise in SSSs was evident, reflecting on staff engagement in the program. The parallel change in SSEs, SSSs, and the implementation of various safety interventions highly suggest that the program was successful in achieving its goals. A safety program based on high-reliability organization principles and made a core value of the institution can have a significant positive impact on reducing SSEs. © 2018 American Society for Healthcare Risk Management of the American Hospital Association.

System analysis of nuclear safety of VVER reactor with MOX fuel

Energy Technology Data Exchange (ETDEWEB)

Klimov, A.D.; Zharkov, V.P.; Suslov, I.R. [Russia, Moscow Malaya Krasnoselskaya St. (Russian Federation); Boyarinov, V.F.; Kevrolev, V.V.; Tchibinyaev, A.V.; Tsibulskiy, V.F. [RRC KI, Russia, Moscow (Russian Federation); Kochurov, B.P. [ITEP, Russia, Moscow (Russian Federation); Giovanni, B. [NFPSC, FRAMATOME (France)

2005-07-01

The report presents a short summary of the results achieved in the ISTC (International Science and Technology Center) project 'System analysis of nuclear safety of VVER reactor with MOX fuel' (April 2005). The studies within the project are of a systematic character and include the solutions of 15 tasks. The report gives an overview of the major blocks of these tasks: neutron transport equation solution; calculations of isotopic vectors, analysis of the impact of uncertainties on predicted reactor functionals. The calculation methods, the verification results and the corresponding codes are briefly described. (authors)

The software safety analysis based on SFTA for reactor power regulating system in nuclear power plant

International Nuclear Information System (INIS)

Liu Zhaohui; Yang Xiaohua; Liao Longtao; Wu Zhiqiang

2015-01-01

The digitalized Instrumentation and Control (I and C) system of Nuclear power plants can provide many advantages. However, digital control systems induce new failure modes that differ from those of analog control systems. While the cost effectiveness and flexibility of software is widely recognized, it is very difficult to achieve and prove high levels of dependability and safety assurance for the functions performed by process control software, due to the very flexibility and potential complexity of the software itself. Software safety analysis (SSA) was one way to improve the software safety by identify the system hazards caused by software failure. This paper describes the application of a software fault tree analysis (SFTA) at the software design phase. At first, we evaluate all the software modules of the reactor power regulating system in nuclear power plant and identify various hazards. The SFTA was applied to some critical modules selected from the previous step. At last, we get some new hazards that had not been identified in the prior processes of the document evaluation which were helpful for our design. (author)

Decision support systems and expert systems for risk and safety analysis

International Nuclear Information System (INIS)

Baybutt, P.

1986-01-01

During the last 1-2 years, rapid developments have occurred in the development of decision support systems and expert systems to aid in decision making related to risk and safety of industrial plants. These activities are most noteworthy in the nuclear industry where numerous systems are under development with implementation often being made on personal computers. An overview of some of these developments is provided, and an example of one recently developed decision support system is given. This example deals with CADET, a system developed to aid the U.S. Nuclear Regulatory Commission in making decisions related to the topical issue of source terms resulting from degraded core accidents in light water reactors. The paper concludes with some comments on the likely directions of future developments in decision support systems and expert systems to aid in the management of risk and safety in industrial plants. (author)

Safety assessment for Generation IV nuclear systems

International Nuclear Information System (INIS)

Leahy, T.J.

2012-01-01

The Generation IV International Forum (GIF) Risk and Safety Working Group (RSWG) was created to develop an effective approach for the safety of Generation IV advanced nuclear energy systems. Recent RSWG work has focused on the definition of an integrated safety assessment methodology (ISAM) for evaluating the safety of Generation IV systems. ISAM is an integrated 'tool-kit' consisting of 5 analytical techniques that are available and matched to appropriate stages of Generation IV system concept development: 1) qualitative safety features review - QSR, 2) phenomena identification and ranking table - PIRT, 3) objective provision tree - OPT, 4) deterministic and phenomenological analyses - DPA, and 5) probabilistic safety analysis - PSA. The integrated methodology is intended to yield safety-related insights that help actively drive the evolving design throughout the technology development cycle, potentially resulting in enhanced safety, reduced costs, and shortened development time

Ergonomics in the context of system safety

International Nuclear Information System (INIS)

Donnelly, K.E.

1984-01-01

In a complex industrial environment, ergonomics must be combined with management science and systems analysis to produce a program which can create effective change and improve safety performance. We give an overview of such an approach, namely System Safety, so that its ergonomic content may be seen

Infusing Reliability Techniques into Software Safety Analysis

Science.gov (United States)

Shi, Ying

2015-01-01

Software safety analysis for a large software intensive system is always a challenge. Software safety practitioners need to ensure that software related hazards are completely identified, controlled, and tracked. This paper discusses in detail how to incorporate the traditional reliability techniques into the entire software safety analysis process. In addition, this paper addresses how information can be effectively shared between the various practitioners involved in the software safety analyses. The author has successfully applied the approach to several aerospace applications. Examples are provided to illustrate the key steps of the proposed approach.

Development and implementation of setpoint tolerances for special safety systems

International Nuclear Information System (INIS)

Oliva, A.F.; Balog, G.; Parkinson, D.G.; Archinoff, G.H.

1991-01-01

The establishment of tolerances and impairment limits for special safety system setpoints is part of the process whereby the plant operator demonstrates to the regulatory authority that the plant operates safely and within the defined plant licensing envelope. The licensing envelope represents the set of limits and plant operating state and for which acceptably safe plant operation has been demonstrated by the safety analysis. By definition, operation beyond this envelope contributes to overall safety system unavailability. Definition of the licensing envelope is provided in a wide range of documents including the plant operating licence, the safety report, and the plant operating policies and principles documents. As part of the safety analysis, limits are derived for each special safety system initiating parameter such that the relevant safety design objectives are achieved for all design basis events. If initiation on a given parameter occurs at a level beyond its limit, there is a potential reduction in safety system effectiveness relative to the performance credited in the plant safety analysis. These safety system parameter limits, when corrected for random and systematic instrument errors and other errors inherent in the process of periodic testing or calibration, are then used to derive parameter impairment levels and setpoint tolerances. This paper describes the methodology that has evolved at Ontario Hydro for developing and implementing tolerances for special safety system parameters (i.e., the shutdown systems, emergency coolant injection system and containment system). Tolerances for special safety system initiation setpoints are addressed specifically, although many of the considerations discussed here will apply to performance limits for other safety system components. The first part of the paper deals with the approach that has been adopted for defining and establishing setpoint limits and tolerances. The remainder of the paper addresses operational

Engineered safeguards and passive safety features (safety analysis detailed report no. 6)

Energy Technology Data Exchange (ETDEWEB)

1988-01-15

The Safety-Analysis Summary lists the reactor's safety aspects for passive and active prevention of severe accidents and mitigation of accident consequences, i.e., intrinsic and passive protections of the plant; intrinsic and passive protections of the core; inherent decay-heat removal systems; rapid-shutdown systems; four physical containment barriers. This report goes into further details regarding some of this aspects.

MSSV Modeling for Wolsong-1 Safety Analysis

Energy Technology Data Exchange (ETDEWEB)

Moon, Bok Ja; Choi, Chul Jin; Kim, Seoung Rae [KEPCO EandC, Daejeon (Korea, Republic of)

2010-10-15

The main steam safety valves (MSSVs) are installed on the main steam line to prevent the overpressurization of the system. MSSVs are held in closed position by spring force and the valves pop open by internal force when the main steam pressure increases to open set pressure. If the overpressure condition is relieved, the valves begin to close. For the safety analysis of anticipated accident condition, the safety systems are modeled conservatively to simulate the accident condition more severe. MSSVs are also modeled conservatively for the analysis of over-pressurization accidents. In this paper, the pressure transient is analyzed at over-pressurization condition to evaluate the conservatism for MSSV models

Food safety performance indicators to benchmark food safety output of food safety management systems.

Science.gov (United States)

Jacxsens, L; Uyttendaele, M; Devlieghere, F; Rovira, J; Gomez, S Oses; Luning, P A

2010-07-31

There is a need to measure the food safety performance in the agri-food chain without performing actual microbiological analysis. A food safety performance diagnosis, based on seven indicators and corresponding assessment grids have been developed and validated in nine European food businesses. Validation was conducted on the basis of an extensive microbiological assessment scheme (MAS). The assumption behind the food safety performance diagnosis is that food businesses which evaluate the performance of their food safety management system in a more structured way and according to very strict and specific criteria will have a better insight in their actual microbiological food safety performance, because food safety problems will be more systematically detected. The diagnosis can be a useful tool to have a first indication about the microbiological performance of a food safety management system present in a food business. Moreover, the diagnosis can be used in quantitative studies to get insight in the effect of interventions on sector or governmental level. Copyright 2010 Elsevier B.V. All rights reserved.

Status and subjects of thermal-hydraulic analysis for next-generation LWRs with passive safety systems

Energy Technology Data Exchange (ETDEWEB)

NONE

1998-03-01

The present status and subjects on thermal-hydraulic analysis for next-generation light water reactors (LWRs) with passive safety systems were summarized based on survey results and discussion by subcommittee on improvement of reactor thermal-hydraulic analysis codes under nuclear code committee in Japan Atomic Energy Research Institute. This survey was performed to promote the research of improvement of reactor thermal-hydraulic analysis codes in future. In the first part of this report, the status and subjects on system analysis and those on evaluation of passive safety system performance are summarized for various types of reactor proposed before. In the second part, the status and subjects on multidimensional two-phase flow analysis are reviewed, since the multidimensional analysis was recognized as one of most important subjects through the investigation in the first part. Besides, databases for bubbly flow and annular dispersed flow were explored, those are needed to assess and verify each multidimensional analytical method. The contents in this report are the forefront of thermal-hydraulic analysis for LWRs and those include current findings for the development of multidimensional two-phase flow analytical method. Thus, we expect that the contents can offer various useful information against the improvement of reactor thermal-hydraulic analysis codes in future. (author)

Unavailability analysis of a PWR safety system by a Bayesian network

International Nuclear Information System (INIS)

Estevao, Lilian B.; Melo, Paulo Fernando F. Frutuoso e; Rivero, Jose J.

2013-01-01

Bayesian networks (BN) are directed acyclic graphs that have dependencies between variables, which are represented by nodes. These dependencies are represented by lines connecting the nodes and can be directed or not. Thus, it is possible to model conditional probabilities and calculate them with the help of Bayes' Theorem. The objective of this paper is to present the modeling of the failure of a safety system of a typical second generation light water reactor plant, the Containment Heat Removal System (CHRS), whose function is to cool the water of containment reservoir being recirculated through the Containment Spray Recirculation System (CSRS). CSRS is automatically initiated after a loss of coolant accident (LOCA) and together with the CHRS cools the reservoir water. The choice of this system was due to the fact that its analysis by a fault tree is available in Appendix II of the Reactor Safety Study Report (WASH-1400), and therefore all the necessary technical information is also available, such as system diagrams, failure data input and the fault tree itself that was developed to study system failure. The reason for the use of a bayesian network in this context was to assess its ability to reproduce the results of fault tree analyses and also verify the feasibility of treating dependent events. Comparing the fault trees and bayesian networks, the results obtained for the system failure were very close. (author)

Deep Borehole Disposal Safety Analysis.

Energy Technology Data Exchange (ETDEWEB)

Freeze, Geoffrey A. [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Stein, Emily [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Price, Laura L. [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); MacKinnon, Robert J. [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States); Tillman, Jack Bruce [Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)

2016-10-01

This report presents a preliminary safety analysis for the deep borehole disposal (DBD) concept, using a safety case framework. A safety case is an integrated collection of qualitative and quantitative arguments, evidence, and analyses that substantiate the safety, and the level of confidence in the safety, of a geologic repository. This safety case framework for DBD follows the outline of the elements of a safety case, and identifies the types of information that will be required to satisfy these elements. At this very preliminary phase of development, the DBD safety case focuses on the generic feasibility of the DBD concept. It is based on potential system designs, waste forms, engineering, and geologic conditions; however, no specific site or regulatory framework exists. It will progress to a site-specific safety case as the DBD concept advances into a site-specific phase, progressing through consent-based site selection and site investigation and characterization.

Nuclear power safety reporting system feasibility analysis and concept description

International Nuclear Information System (INIS)

Finlayson, F.C.; Ims, J.R.; Hussman, T.A.

1984-01-01

The Aerospace Corporation is assisting the US Nuclear Regulatory Commission (NRC) in the evaluation of the potential attributes of a voluntary, nonpunitive data gathering system for identifying and quantifying the factors that contribute to the occurrence of significant safety problems involving humans in nuclear power plants. The objectives of the Aerospace Administration (FAA)/National Aeronautics and Space Administration (NASA) Aviation Safety Reporting System (ASRS) in order to determine whether it would be feasible to apply part (or all) of the ASRS concepts for collecting data on human factor related incidents to the nuclear industry; and (2) to identify and define the basic elements and requirements of a Nuclear Power Safety Reporting System (NPSRS), assuming the feasibility of implementing such a system was established

Safety analysis of coupling system of hybrid (MED-RO) nuclear desalination system utilising waste heat from HTGR

International Nuclear Information System (INIS)

Raha, Abhijit; Kishore, G.; Rao, I.S.; Adak, A.K.; Srivastava, V.K.; Prabhakar, S.; Tewari, P.K.

2010-01-01

To meet the generation IV goals, High Temperature Gas Cooled Reactors (HTGRs) are designed to have relatively higher thermal efficiency and enhanced safety and environmental characteristics. It can provide energy for combined production of hydrogen, electricity and other industrial applications. The waste heat available in the HTGR power cycle can also be utilized for the desalination of seawater for producing potable water. Desalination is an energy intensive process, so use of waste heat from HTGR certainly makes desalination process more affordable to create fresh water resources. So design of the coupling system, as per the safety design requirement of nuclear desalination plant, of desalination plant with HTGR is very crucial. In the first part of this paper, design of the coupling system between hybrid Multi Effect Desalination-Reverse Osmosis (MED-RO) nuclear desalination plant and HTGR to utilize the waste heat in HTGR are discussed. In the next part deterministic safety analysis of the designed coupling system of are presented in detail. It was found that all the coupling system meets the acceptance criteria for all the Postulated Initiating Events (PIE's) limited to DBA. (author)

Introduction of the system of hazard analysis critical control point to ensure the safety of irradiated food

International Nuclear Information System (INIS)

Sajet, A.S.

2014-01-01

Hazard Analysis Critical Control Point (HACCP) is a preventive system for food safety. It identifies safety risks faced by food. Identified points are controlled ensuring product safety. Because of presence of many of the pathogenic microorganisms and parasites in food which caused cases of food poisoning and many diseases transmitted through food, the current methods of food production could not prevent food contamination or prevent the growth of these pathogens completely because of being a part of the normal flora in the environment. Irradiation technology helped to control diseases transmitted through food, caused by pathological microorganisms and parasites present in food. The application of a system based on risk analysis as a means of risk management in food chain, demonstrated the importance of food irradiation. (author)

Progress in the development of methodology for fusion safety systems studies

International Nuclear Information System (INIS)

Ho, S.K.; Cambi, G.; Ciattaglia, S.; Fujii-e, Y.; Seki, Y.

1994-01-01

The development of fusion safety systems-study methodology, including the aspects of schematic classification of overall fusion safety system, qualitative assessment of fusion system for identification of critical accident scenarios, quantitative analysis of accident consequences and risk for safety design evaluation, and system-level analysis of accident consequences and risk for design optimization, by a consortium of international efforts is presented. The potential application of this methodology into reactor design studies will facilitate the systematic assessment of safety performance of reactor designs and enhance the impacts of safety considerations on the selection of design configurations

Ignalina NPP Safety Analysis: Models and Results

International Nuclear Information System (INIS)

Uspuras, E.

1999-01-01

Research directions, linked to safety assessment of the Ignalina NPP, of the scientific safety analysis group are presented: Thermal-hydraulic analysis of accidents and operational transients; Thermal-hydraulic assessment of Ignalina NPP Accident Localization System and other compartments; Structural analysis of plant components, piping and other parts of Main Circulation Circuit; Assessment of RBMK-1500 reactor core and other. Models and main works carried out last year are described. (author)

Safety analysis methodology for OPR 1000

International Nuclear Information System (INIS)

Hwang-Yong, Jun

2005-01-01

Full text: Korea Electric Power Research Institute (KEPRI) has been developing inhouse safety analysis methodology based on the delicate codes available to KEPRI to overcome the problems arising from currently used vendor oriented methodologies. For the Loss of Coolant Accident (LOCA) analysis, the KREM (KEPRI Realistic Evaluation Methodology) has been developed based on the RELAP-5 code. The methodology was approved for the Westinghouse 3-loop plants by the Korean regulatory organization and the project to extent the methodology to the Optimized Power Reactor 1000 (OPR1000) has been ongoing since 2001. Also, for the Non-LOCA analysis, the KNAP (Korea Non-LOCA Analysis Package) has been developed using the UNICORN-TM code system. To demonstrate the feasibility of these codes systems and methodologies, some typical cases of the design basis accidents mentioned in the final safety analysis report (FSAR) were analyzed. (author)

European Workshop Industrical Computer Science Systems approach to design for safety

Science.gov (United States)

Zalewski, Janusz

1992-01-01

This paper presents guidelines on designing systems for safety, developed by the Technical Committee 7 on Reliability and Safety of the European Workshop on Industrial Computer Systems. The focus is on complementing the traditional development process by adding the following four steps: (1) overall safety analysis; (2) analysis of the functional specifications; (3) designing for safety; (4) validation of design. Quantitative assessment of safety is possible by means of a modular questionnaire covering various aspects of the major stages of system development.

RAMI analysis of the ITER Central Safety System

Energy Technology Data Exchange (ETDEWEB)

Kitazawa, Sin-iti, E-mail: kitazawa.siniti@jaea.go.jp [ITER Project Unit, Japan Atomic Energy Agency (JAEA), Naka, 311-0193 Ibaraki (Japan); Okayama, Katsumi [ITER Organization, Route de Vinon sur Verdon, 13115 Saint Paul Lez Durance (France); Neyatani, Yuzuru [ITER Project Unit, Japan Atomic Energy Agency (JAEA), Naka, 311-0193 Ibaraki (Japan); Sagot, Francois; Houtte, Didier van [ITER Organization, Route de Vinon sur Verdon, 13115 Saint Paul Lez Durance (France)

2014-06-15

Highlights: • We performed the functional analysis of the ITER CSS. • We performed a failure mode analysis of the ITER CSS. • We estimated the reliability and availability of the ITER CSS. • The ITER RAMI approach was applied to the ITER CSS for technical risk control in the design phase. - Abstract: ITER is the first worldwide international project aiming to design a facility to produce nuclear fusion energy. The technical requirements of its plant systems have been established in the ITER Project Baseline. In the project, the Reliability, Availability, Maintainability and Inspectability (RAMI) approach has been adopted for technical risk control to help aid the design of the components in preparation for operation and maintenance. A RAMI analysis was performed on the conceptual design of the ITER Central Safety System (CSS). A functional breakdown was prepared in a bottom-up approach, resulting in the system being divided into 2 main functions and 20 sub-functions. These functions were described using the IDEF0 method. Reliability block diagrams were prepared to estimate the reliability and availability of each function under the stipulated operating conditions. Initial and expected scenarios were analyzed to define risk-mitigation actions. The inherent availability of the ITER CSS expected after implementation of mitigation actions was calculated to be 99.80% over 2 years, which is the typical interval of the scheduled maintenance cycles. This is consistent with the project required value of 99.9 ± 0.1%. A Failure Modes, Effects and Criticality Analysis was performed with criticality charts highlighting the risk level of the different failure modes with regard to their probability of occurrence and their effects on the availability of the plasma operation. This analysis defined when risk mitigation actions were required in terms of design, testing, operation procedures and/or maintenance to reduce the risk levels and increase the availability of the

Prospective Safety Analysis and the Complex Aviation System

Science.gov (United States)

Smith, Brian E.

2013-01-01

Fatal accident rates in commercial passenger aviation are at historic lows yet have plateaued and are not showing evidence of further safety advances. Modern aircraft accidents reflect both historic causal factors and new unexpected "Black Swan" events. The ever-increasing complexity of the aviation system, along with its associated technology and organizational relationships, provides fertile ground for fresh problems. It is important to take a proactive approach to aviation safety by working to identify novel causation mechanisms for future aviation accidents before they happen. Progress has been made in using of historic data to identify the telltale signals preceding aviation accidents and incidents, using the large repositories of discrete and continuous data on aircraft and air traffic control performance and information reported by front-line personnel. Nevertheless, the aviation community is increasingly embracing predictive approaches to aviation safety. The "prospective workshop" early assessment tool described in this paper represents an approach toward this prospective mindset-one that attempts to identify the future vectors of aviation and asks the question: "What haven't we considered in our current safety assessments?" New causation mechanisms threatening aviation safety will arise in the future because new (or revised) systems and procedures will have to be used under future contextual conditions that have not been properly anticipated. Many simulation models exist for demonstrating the safety cases of new operational concepts and technologies. However the results from such models can only be as valid as the accuracy and completeness of assumptions made about the future context in which the new operational concepts and/or technologies will be immersed. Of course that future has not happened yet. What is needed is a reasonably high-confidence description of the future operational context, capturing critical contextual characteristics that modulate

Safety analysis for research reactors

International Nuclear Information System (INIS)

2008-01-01

The aim of safety analysis for research reactors is to establish and confirm the design basis for items important to safety using appropriate analytical tools. The design, manufacture, construction and commissioning should be integrated with the safety analysis to ensure that the design intent has been incorporated into the as-built reactor. Safety analysis assesses the performance of the reactor against a broad range of operating conditions, postulated initiating events and other circumstances, in order to obtain a complete understanding of how the reactor is expected to perform in these situations. Safety analysis demonstrates that the reactor can be kept within the safety operating regimes established by the designer and approved by the regulatory body. This analysis can also be used as appropriate in the development of operating procedures, periodic testing and inspection programmes, proposals for modifications and experiments and emergency planning. The IAEA Safety Requirements publication on the Safety of Research Reactors states that the scope of safety analysis is required to include analysis of event sequences and evaluation of the consequences of the postulated initiating events and comparison of the results of the analysis with radiological acceptance criteria and design limits. This Safety Report elaborates on the requirements established in IAEA Safety Standards Series No. NS-R-4 on the Safety of Research Reactors, and the guidance given in IAEA Safety Series No. 35-G1, Safety Assessment of Research Reactors and Preparation of the Safety Analysis Report, providing detailed discussion and examples of related topics. Guidance is given in this report for carrying out safety analyses of research reactors, based on current international good practices. The report covers all the various steps required for a safety analysis; that is, selection of initiating events and acceptance criteria, rules and conventions, types of safety analysis, selection of

Safety implications of control systems

International Nuclear Information System (INIS)

Smith, O.L.

1983-01-01

The Safety Implications of Control Systems Program has three major activities in support of USI-A47. The first task is a failure mode and effects analysis of all plant systems which may potentially induce control system disturbance that have safety implications. This task has made a preliminary study of overfill events and recommended cases for further analysis on the hybrid simulator. Work continues on overcooling and undercooling. A detailed investigation of electric power network is in progress. LERs are providing guidance on important failure modes that will provide initial conditions for further simulator studies. The simulator taks is generating a detailed model of the control system supported by appropriate neutronics, hydraulics, and thermodynamics submodels of all other principal plant components. The simulator is in the last stages of development. Checkout calculations are in progress to establish model stability, robustness, and qualitative credibility. Verification against benchmark codes and plant data will follow

COLD-SAT feasibility study safety analysis

Science.gov (United States)

Mchenry, Steven T.; Yost, James M.

1991-01-01

The Cryogenic On-orbit Liquid Depot-Storage, Acquisition, and Transfer (COLD-SAT) satellite presents some unique safety issues. The feasibility study conducted at NASA-Lewis desired a systems safety program that would be involved from the initial design in order to eliminate and/or control the inherent hazards. Because of this, a hazards analysis method was needed that: (1) identified issues that needed to be addressed for a feasibility assessment; and (2) identified all potential hazards that would need to be controlled and/or eliminated during the detailed design phases. The developed analysis method is presented as well as the results generated for the COLD-SAT system.

Design and reliability, availability, maintainability, and safety analysis of a high availability quadruple vital computer system

Institute of Scientific and Technical Information of China (English)

Ping TAN; Wei-ting HE; Jia LIN; Hong-ming ZHAO; Jian CHU

2011-01-01

With the development of high-speed railways in China,more than 2000 high-speed trains will be put into use.Safety and efficiency of railway transportation is increasingly important.We have designed a high availability quadruple vital computer (HAQVC) system based on the analysis of the architecture of the traditional double 2-out-of-2 system and 2-out-of-3 system.The HAQVC system is a system with high availability and safety,with prominent characteristics such as fire-new internal architecture,high efficiency,reliable data interaction mechanism,and operation state change mechanism.The hardware of the vital CPU is based on ARM7 with the real-time embedded safe operation system (ES-OS).The Markov modeling method is designed to evaluate the reliability,availability,maintainability,and safety (RAMS) of the system.In this paper,we demonstrate that the HAQVC system is more reliable than the all voting triple modular redundancy (AVTMR) system and double 2-out-of-2 system.Thus,the design can be used for a specific application system,such as an airplane or high-speed railway system.

Development and improvement of safety analysis code for geological disposal

Energy Technology Data Exchange (ETDEWEB)

NONE

2013-08-15

In order to confirm the long-term safety concerning geological disposal, probabilistic safety assessment code and other analysis codes, which can evaluate possibility of each event and influence on engineered barrier and natural barrier by the event, were introduced. We confirmed basic functions of those codes and studied the relation between those functions and FEP/PID which should be taken into consideration in safety assessment. We are planning to develop 'Nuclide Migration Assessment System' for the purpose of realizing improvement in efficiency of assessment work, human error prevention for analysis, and quality assurance of the analysis environment and analysis work for safety assessment by using it. As the first step, we defined the system requirements and decided the system composition and functions which should be mounted in them based on those requirements. (author)

Hot Cell Facility (HCF) Safety Analysis Report

Energy Technology Data Exchange (ETDEWEB)

MITCHELL,GERRY W.; LONGLEY,SUSAN W.; PHILBIN,JEFFREY S.; MAHN,JEFFREY A.; BERRY,DONALD T.; SCHWERS,NORMAN F.; VANDERBEEK,THOMAS E.; NAEGELI,ROBERT E.

2000-11-01

This Safety Analysis Report (SAR) is prepared in compliance with the requirements of DOE Order 5480.23, Nuclear Safety Analysis Reports, and has been written to the format and content guide of DOE-STD-3009-94 Preparation Guide for U. S. Department of Energy Nonreactor Nuclear Safety Analysis Reports. The Hot Cell Facility is a Hazard Category 2 nonreactor nuclear facility, and is operated by Sandia National Laboratories for the Department of Energy. This SAR provides a description of the HCF and its operations, an assessment of the hazards and potential accidents which may occur in the facility. The potential consequences and likelihood of these accidents are analyzed and described. Using the process and criteria described in DOE-STD-3009-94, safety-related structures, systems and components are identified, and the important safety functions of each SSC are described. Additionally, information which describes the safety management programs at SNL are described in ancillary chapters of the SAR.

Hot Cell Facility (HCF) Safety Analysis Report

International Nuclear Information System (INIS)

MITCHELL, GERRY W.; LONGLEY, SUSAN W.; PHILBIN, JEFFREY S.; MAHN, JEFFREY A.; BERRY, DONALD T.; SCHWERS, NORMAN F.; VANDERBEEK, THOMAS E.; NAEGELI, ROBERT E.

2000-01-01

This Safety Analysis Report (SAR) is prepared in compliance with the requirements of DOE Order 5480.23, Nuclear Safety Analysis Reports, and has been written to the format and content guide of DOE-STD-3009-94 Preparation Guide for U. S. Department of Energy Nonreactor Nuclear Safety Analysis Reports. The Hot Cell Facility is a Hazard Category 2 nonreactor nuclear facility, and is operated by Sandia National Laboratories for the Department of Energy. This SAR provides a description of the HCF and its operations, an assessment of the hazards and potential accidents which may occur in the facility. The potential consequences and likelihood of these accidents are analyzed and described. Using the process and criteria described in DOE-STD-3009-94, safety-related structures, systems and components are identified, and the important safety functions of each SSC are described. Additionally, information which describes the safety management programs at SNL are described in ancillary chapters of the SAR

Integrated vehicle-based safety systems (IVBSS) : light vehicle platform field operational test data analysis plan.

Science.gov (United States)

2009-12-22

This document presents the University of Michigan Transportation Research Institutes plan to : perform analysis of data collected from the light vehicle platform field operational test of the : Integrated Vehicle-Based Safety Systems (IVBSS) progr...

Integrated vehicle-based safety systems (IVBSS) : heavy truck platform field operational test data analysis plan.

Science.gov (United States)

2009-11-23

This document presents the University of Michigan Transportation Research Institutes plan to perform : analysis of data collected from the heavy truck platform field operational test of the Integrated Vehicle- : Based Safety Systems (IVBSS) progra...

SEISMIC ANALYSIS FOR PRECLOSURE SAFETY

Energy Technology Data Exchange (ETDEWEB)

E.N. Lindner

2004-12-03

The purpose of this seismic preclosure safety analysis is to identify the potential seismically-initiated event sequences associated with preclosure operations of the repository at Yucca Mountain and assign appropriate design bases to provide assurance of achieving the performance objectives specified in the Code of Federal Regulations (CFR) 10 CFR Part 63 for radiological consequences. This seismic preclosure safety analysis is performed in support of the License Application for the Yucca Mountain Project. In more detail, this analysis identifies the systems, structures, and components (SSCs) that are subject to seismic design bases. This analysis assigns one of two design basis ground motion (DBGM) levels, DBGM-1 or DBGM-2, to SSCs important to safety (ITS) that are credited in the prevention or mitigation of seismically-initiated event sequences. An application of seismic margins approach is also demonstrated for SSCs assigned to DBGM-2 by showing a high confidence of a low probability of failure at a higher ground acceleration value, termed a beyond-design basis ground motion (BDBGM) level. The objective of this analysis is to meet the performance requirements of 10 CFR 63.111(a) and 10 CFR 63.111(b) for offsite and worker doses. The results of this calculation are used as inputs to the following: (1) A classification analysis of SSCs ITS by identifying potential seismically-initiated failures (loss of safety function) that could lead to undesired consequences; (2) An assignment of either DBGM-1 or DBGM-2 to each SSC ITS credited in the prevention or mitigation of a seismically-initiated event sequence; and (3) A nuclear safety design basis report that will state the seismic design requirements that are credited in this analysis. The present analysis reflects the design information available as of October 2004 and is considered preliminary. The evolving design of the repository will be re-evaluated periodically to ensure that seismic hazards are properly

SEISMIC ANALYSIS FOR PRECLOSURE SAFETY

International Nuclear Information System (INIS)

E.N. Lindner

2004-01-01

The purpose of this seismic preclosure safety analysis is to identify the potential seismically-initiated event sequences associated with preclosure operations of the repository at Yucca Mountain and assign appropriate design bases to provide assurance of achieving the performance objectives specified in the Code of Federal Regulations (CFR) 10 CFR Part 63 for radiological consequences. This seismic preclosure safety analysis is performed in support of the License Application for the Yucca Mountain Project. In more detail, this analysis identifies the systems, structures, and components (SSCs) that are subject to seismic design bases. This analysis assigns one of two design basis ground motion (DBGM) levels, DBGM-1 or DBGM-2, to SSCs important to safety (ITS) that are credited in the prevention or mitigation of seismically-initiated event sequences. An application of seismic margins approach is also demonstrated for SSCs assigned to DBGM-2 by showing a high confidence of a low probability of failure at a higher ground acceleration value, termed a beyond-design basis ground motion (BDBGM) level. The objective of this analysis is to meet the performance requirements of 10 CFR 63.111(a) and 10 CFR 63.111(b) for offsite and worker doses. The results of this calculation are used as inputs to the following: (1) A classification analysis of SSCs ITS by identifying potential seismically-initiated failures (loss of safety function) that could lead to undesired consequences; (2) An assignment of either DBGM-1 or DBGM-2 to each SSC ITS credited in the prevention or mitigation of a seismically-initiated event sequence; and (3) A nuclear safety design basis report that will state the seismic design requirements that are credited in this analysis. The present analysis reflects the design information available as of October 2004 and is considered preliminary. The evolving design of the repository will be re-evaluated periodically to ensure that seismic hazards are properly

Software safety analysis practice in installation phase

Energy Technology Data Exchange (ETDEWEB)

Huang, H. W.; Chen, M. H.; Shyu, S. S., E-mail: hwhwang@iner.gov.t [Institute of Nuclear Energy Research, No. 1000 Wenhua Road, Chiaan Village, Longtan Township, 32546 Taoyuan County, Taiwan (China)

2010-10-15

This work performed a software safety analysis in the installation phase of the Lung men nuclear power plant in Taiwan, under the cooperation of Institute of Nuclear Energy Research and Tpc. The US Nuclear Regulatory Commission requests licensee to perform software safety analysis and software verification and validation in each phase of software development life cycle with Branch Technical Position 7-14. In this work, 37 safety grade digital instrumentation and control systems were analyzed by failure mode and effects analysis, which is suggested by IEEE standard 7-4.3.2-2003. During the installation phase, skew tests for safety grade network and point to point tests were performed. The failure mode and effects analysis showed all the single failure modes can be resolved by the redundant means. Most of the common mode failures can be resolved by operator manual actions. (Author)

Software safety analysis practice in installation phase

International Nuclear Information System (INIS)

Huang, H. W.; Chen, M. H.; Shyu, S. S.

2010-10-01

This work performed a software safety analysis in the installation phase of the Lung men nuclear power plant in Taiwan, under the cooperation of Institute of Nuclear Energy Research and Tpc. The US Nuclear Regulatory Commission requests licensee to perform software safety analysis and software verification and validation in each phase of software development life cycle with Branch Technical Position 7-14. In this work, 37 safety grade digital instrumentation and control systems were analyzed by failure mode and effects analysis, which is suggested by IEEE standard 7-4.3.2-2003. During the installation phase, skew tests for safety grade network and point to point tests were performed. The failure mode and effects analysis showed all the single failure modes can be resolved by the redundant means. Most of the common mode failures can be resolved by operator manual actions. (Author)

Reliability analysis of software based safety functions

International Nuclear Information System (INIS)

Pulkkinen, U.

1993-05-01

The methods applicable in the reliability analysis of software based safety functions are described in the report. Although the safety functions also include other components, the main emphasis in the report is on the reliability analysis of software. The check list type qualitative reliability analysis methods, such as failure mode and effects analysis (FMEA), are described, as well as the software fault tree analysis. The safety analysis based on the Petri nets is discussed. The most essential concepts and models of quantitative software reliability analysis are described. The most common software metrics and their combined use with software reliability models are discussed. The application of software reliability models in PSA is evaluated; it is observed that the recent software reliability models do not produce the estimates needed in PSA directly. As a result from the study some recommendations and conclusions are drawn. The need of formal methods in the analysis and development of software based systems, the applicability of qualitative reliability engineering methods in connection to PSA and the need to make more precise the requirements for software based systems and their analyses in the regulatory guides should be mentioned. (orig.). (46 refs., 13 figs., 1 tab.)

Expressing best practices in (risk) analysis and testing of safety-critical systems using patterns

DEFF Research Database (Denmark)

Herzner, Wolfgang; Sieverding, Sven; Kacimi, Omar

2014-01-01

The continuing pervasion of our society with safety-critical cyber-physical systems not only demands for adequate (risk) analysis, testing and verification techniques, it also generates growing experience on their use, which can be considered as important as the tools themselves for their efficient...

Validation of the Continuous-Energy Monte Carlo Criticality-Safety Analysis System MVP and JENDL-3.2 Using the Internationally Evaluated Criticality Benchmarks

International Nuclear Information System (INIS)

Mitake, Susumu

2003-01-01

Validation of the continuous-energy Monte Carlo criticality-safety analysis system, comprising the MVP code and neutron cross sections based on JENDL-3.2, was examined using benchmarks evaluated in the 'International Handbook of Evaluated Criticality Safety Benchmark Experiments'. Eight experiments (116 configurations) for the plutonium solution and plutonium-uranium mixture systems performed at Valduc, Battelle Pacific Northwest Laboratories, and other facilities were selected and used in the studies. The averaged multiplication factors calculated with MVP and MCNP-4B using the same neutron cross-section libraries based on JENDL-3.2 were in good agreement. Based on methods provided in the Japanese nuclear criticality-safety handbook, the estimated criticality lower-limit multiplication factors to be used as a subcriticality criterion for the criticality-safety evaluation of nuclear facilities were obtained. The analysis proved the applicability of the MVP code to the criticality-safety analysis of nuclear fuel facilities, particularly to the analysis of systems fueled with plutonium and in homogeneous and thermal-energy conditions

A Reliability Assessment Method for the VHTR Safety Systems

International Nuclear Information System (INIS)

Lee, Hyung Sok; Jae, Moo Sung; Kim, Yong Wan

2011-01-01

The Passive safety system by very high temperature reactor which has attracted worldwide attention in the last century is the reliability safety system introduced for the improvement in the safety of the next generation nuclear power plant design. The Passive system functionality does not rely on an external source of energy, but on an intelligent use of the natural phenomena, such as gravity, conduction and radiation, which are always present. Because of these features, it is difficult to evaluate the passive safety on the risk analysis methodology having considered the existing active system failure. Therefore new reliability methodology has to be considered. In this study, the preliminary evaluation and conceptualization are tried, applying the concept of the load and capacity from the reliability physics model, designing the new passive system analysis methodology, and the trial applying to paper plant.

Software Safety Risk in Legacy Safety-Critical Computer Systems

Science.gov (United States)

Hill, Janice L.; Baggs, Rhoda

2007-01-01

Safety Standards contain technical and process-oriented safety requirements. Technical requirements are those such as "must work" and "must not work" functions in the system. Process-Oriented requirements are software engineering and safety management process requirements. Address the system perspective and some cover just software in the system > NASA-STD-8719.13B Software Safety Standard is the current standard of interest. NASA programs/projects will have their own set of safety requirements derived from the standard. Safety Cases: a) Documented demonstration that a system complies with the specified safety requirements. b) Evidence is gathered on the integrity of the system and put forward as an argued case. [Gardener (ed.)] c) Problems occur when trying to meet safety standards, and thus make retrospective safety cases, in legacy safety-critical computer systems.

Software qualification for digital safety system in KNICS project

International Nuclear Information System (INIS)

Kwon, Kee-Choon; Lee, Dong-Young; Choi, Jong-Gyun

2012-01-01

In order to achieve technical self-reliance in the area of nuclear instrumentation and control, the Korea Nuclear Instrumentation and Control System (KNICS) project had been running for seven years from 2001. The safety-grade Programmable Logic Controller (PLC) and the digital safety system were developed by KNICS project. All the software of the PLC and digital safety system were developed and verified following the software development life cycle Verification and Validation (V and V) procedure. The main activities of the V and V process are preparation of software planning documentations, verification of the Software Requirement Specification (SRS), Software Design Specification (SDS) and codes, and a testing of the software components, the integrated software, and the integrated system. In addition, a software safety analysis and a software configuration management are included in the activities. For the software safety analysis at the SRS and SDS phases, the software Hazard Operability (HAZOP) was performed and then the software fault tree analysis was applied. The software fault tree analysis was applied to a part of software module with some critical defects identified by the software HAZOP in SDS phase. The software configuration management was performed using the in-house tool developed in the KNICS project. (author)

Safety analysis report for packaging onsite long-length contaminated equipment transport system

International Nuclear Information System (INIS)

McCormick, W.A.

1997-01-01

This safety analysis report for packaging describes the components of the long-length contaminated equipment (LLCE) transport system (TS) and provides the analyses, evaluations, and associated operational controls necessary for the safe use of the LLCE TS on the Hanford Site. The LLCE TS will provide a standardized, comprehensive approach for the disposal of approximately 98% of LLCE scheduled to be removed from the 200 Area waste tanks

Safety analysis report for packaging, onsite, long-length contaminated equipment transport system

Energy Technology Data Exchange (ETDEWEB)

McCormick, W.A.

1997-05-09

This safety analysis report for packaging describes the components of the long-length contaminated equipment (LLCE) transport system (TS) and provides the analyses, evaluations, and associated operational controls necessary for the safe use of the LLCE TS on the Hanford Site. The LLCE TS will provide a standardized, comprehensive approach for the disposal of approximately 98% of LLCE scheduled to be removed from the 200 Area waste tanks.

Operation safety of complex industrial systems

International Nuclear Information System (INIS)

Zwingelstein, G.

1999-01-01

Zero fault or zero risk is an unreachable goal in industrial activities like nuclear activities. However, methods and techniques exist to reduce the risks to the lowest possible and acceptable level. The operation safety consists in the recognition, evaluation, prediction, measurement and mastery of technological and human faults. This paper analyses each of these points successively: 1 - evolution of operation safety; 2 - definitions and basic concepts: failure, missions and functions of a system and of its components, basic concepts and operation safety; 3 - forecasting analysis of operation safety: reliability data, data-banks, precautions for the use of experience feedback data; realization of an operation safety study: management of operation safety, quality assurance, critical review and audit of operation safety studies; 6 - conclusions. (J.S.)

The PIANC Safety Factor System for Breakwaters

DEFF Research Database (Denmark)

Burcharth, H. F.

2000-01-01

The paper presents a summary of the recommendations for implementation of safety in breakwater designs given by the PIANC PTC IT Working Group No 12 on Analysis of Rubble Mound Breakwaters with Vertical and Inclined Concrete Walls. The working groups developed for the most important failure modes...... a system of partial safety factors which facilitate design to any target safety level....

Safety analysis of control rod drive computers

International Nuclear Information System (INIS)

Ehrenberger, W.; Rauch, G.; Schmeil, U.; Maertz, J.; Mainka, E.U.; Nordland, O.; Gloee, G.

1985-01-01

The analysis of the most significant user programmes revealed no errors in these programmes. The evaluation of approximately 82 cumulated years of operation demonstrated that the operating system of the control rod positioning processor has a reliability that is sufficiently good for the tasks this computer has to fulfil. Computers can be used for safety relevant tasks. The experience gained with the control rod positioning processor confirms that computers are not less reliable than conventional instrumentation and control system for comparable tasks. The examination and evaluation of computers for safety relevant tasks can be done with programme analysis or statistical evaluation of the operating experience. Programme analysis is recommended for seldom used and well structured programmes. For programmes with a long, cumulated operating time a statistical evaluation is more advisable. The effort for examination and evaluation is not greater than the corresponding effort for conventional instrumentation and control systems. This project has also revealed that, where it is technologically sensible, process controlling computers or microprocessors can be qualified for safety relevant tasks without undue effort. (orig./HP) [de

Safety analysis of the UTSI-CFFF superconducting magnet

International Nuclear Information System (INIS)

Turner, L.R.; Wang, S.T.; Smith, R.P.; VanderArend, P.C.; Hsu, Y.H.

1979-01-01

In designing a large superconducting magnet such as the UTSI-CFFF dipole, great attention must be devoted to the safety of the magnet and personnel. The conductor for the UTSI-CFFF magnet incorporates much copper stabilizer, which both insures its cryostability, and contributes to the magnet safety. The quench analysis and the cryostat fault condition analysis are presented. Two analyses of exposed turns follow; the first shows that gas cooling protects uncovered turns; the second, that the cryostat pressure relief system protects them. Finally the failure mode and safety analysis is presented

Safety systems I/C reliability analysis of the Kozloduy NPP units 5 and 6; Analiz nadezhnosti KIP i sistem bezopasnosti pyatogo i shestogo bloka AEhS `Kozloduy`

Energy Technology Data Exchange (ETDEWEB)

Marinova, B [Risk Engineering Ltd., Sofia (Bulgaria)

1996-12-31

The purpose of the analysis is to assess the safety systems I/C equipment reliability of the Kozloduy-5 and the Kozloduy-6 reactors. The assessment of quantitative and qualitative effect of control systems unavailability on the safety systems unavailability is performed. The analysis is limited to the following systems: sprinkler management, low pressure emergency spray, emergency injection of boric acid, hydro accumulators, pressure compensator and compressed air. The code for probabilistic safety assessment PSAPACK has been used in analysis. Fault trees for all analysed safety systems have been constructed. Results indicates a high reliability of the safety systems management.

Development of safety analysis methodology for moderator system failure of CANDU-6 reactor by thermal-hydraulics/physics coupling

International Nuclear Information System (INIS)

Kim, Jong Hyun; Jin, Dong Sik; Chang, Soon Heung

2013-01-01

Highlights: • Developed new safety analysis methodology of moderator system failures for CANDU-6. • The new methodology used the TH-physics coupling concept. • Thermalhydraulic code is CATHENA, physics code is RFSP-IST. • Moderator system failure ends to the subcriticality through self-shutdown. -- Abstract: The new safety analysis methodology for the CANDU-6 nuclear power plant (NPP) moderator system failure has been developed by using the coupling technology with the thermalhydraulic code, CATHENA and reactor core physics code, RFSP-IST. This sophisticated methodology can replace the legacy methodology using the MODSTBOIL and SMOKIN-G2 in the field of the thermalhydraulics and reactor physics, respectively. The CATHENA thermalhydraulic model of the moderator system can simulate the thermalhydraulic behaviors of all the moderator systems such as the calandria tank, head tank, moderator circulating circuit and cover gas circulating circuit and can also predict the thermalhydraulic property of the moderator such as moderator density, temperature and water level in the calandria tank as the moderator system failures go on. And these calculated moderator thermalhydraulic properties are provided to the 3-dimensional neutron kinetics solution module – CERBRRS of RFSP-IST as inputs, which can predict the change of the reactor power and provide the calculated reactor power to the CATHENA. These coupling calculations are performed at every 2 s time steps, which are equivalent to the slow control of CANDU-6 reactor regulating systems (RRS). The safety analysis results using this coupling methodology reveal that the reactor operation enters into the self-shutdown mode without any engineering safety system and/or human interventions for the postulated moderator system failures of the loss of heat sink and moderator inventory, respectively

Safer Systems: A NextGen Aviation Safety Strategic Goal

Science.gov (United States)

Darr, Stephen T.; Ricks, Wendell R.; Lemos, Katherine A.

2008-01-01

The Joint Planning and Development Office (JPDO), is charged by Congress with developing the concepts and plans for the Next Generation Air Transportation System (NextGen). The National Aviation Safety Strategic Plan (NASSP), developed by the Safety Working Group of the JPDO, focuses on establishing the goals, objectives, and strategies needed to realize the safety objectives of the NextGen Integrated Plan. The three goal areas of the NASSP are Safer Practices, Safer Systems, and Safer Worldwide. Safer Practices emphasizes an integrated, systematic approach to safety risk management through implementation of formalized Safety Management Systems (SMS) that incorporate safety data analysis processes, and the enhancement of methods for ensuring safety is an inherent characteristic of NextGen. Safer Systems emphasizes implementation of safety-enhancing technologies, which will improve safety for human-centered interfaces and enhance the safety of airborne and ground-based systems. Safer Worldwide encourages coordinating the adoption of the safer practices and safer systems technologies, policies and procedures worldwide, such that the maximum level of safety is achieved across air transportation system boundaries. This paper introduces the NASSP and its development, and focuses on the Safer Systems elements of the NASSP, which incorporates three objectives for NextGen systems: 1) provide risk reducing system interfaces, 2) provide safety enhancements for airborne systems, and 3) provide safety enhancements for ground-based systems. The goal of this paper is to expose avionics and air traffic management system developers to NASSP objectives and Safer Systems strategies.

Incorporation of advanced accident analysis methodology into safety analysis reports

International Nuclear Information System (INIS)

2003-05-01

The IAEA Safety Guide on Safety Assessment and Verification defines that the aim of the safety analysis should be by means of appropriate analytical tools to establish and confirm the design basis for the items important to safety, and to ensure that the overall plant design is capable of meeting the prescribed and acceptable limits for radiation doses and releases for each plant condition category. Practical guidance on how to perform accident analyses of nuclear power plants (NPPs) is provided by the IAEA Safety Report on Accident Analysis for Nuclear Power Plants. The safety analyses are performed both in the form of deterministic and probabilistic analyses for NPPs. It is customary to refer to deterministic safety analyses as accident analyses. This report discusses the aspects of using the advanced accident analysis methods to carry out accident analyses in order to introduce them into the Safety Analysis Reports (SARs). In relation to the SAR, purposes of deterministic safety analysis can be further specified as (1) to demonstrate compliance with specific regulatory acceptance criteria; (2) to complement other analyses and evaluations in defining a complete set of design and operating requirements; (3) to identify and quantify limiting safety system set points and limiting conditions for operation to be used in the NPP limits and conditions; (4) to justify appropriateness of the technical solutions employed in the fulfillment of predetermined safety requirements. The essential parts of accident analyses are performed by applying sophisticated computer code packages, which have been specifically developed for this purpose. These code packages include mainly thermal-hydraulic system codes and reactor dynamics codes meant for the transient and accident analyses. There are also specific codes such as those for the containment thermal-hydraulics, for the radiological consequences and for severe accident analyses. In some cases, codes of a more general nature such

System theory and safety models in Swedish, UK, Dutch and Australian road safety strategies.

Science.gov (United States)

Hughes, B P; Anund, A; Falkmer, T

2015-01-01

Road safety strategies represent interventions on a complex social technical system level. An understanding of a theoretical basis and description is required for strategies to be structured and developed. Road safety strategies are described as systems, but have not been related to the theory, principles and basis by which systems have been developed and analysed. Recently, road safety strategies, which have been employed for many years in different countries, have moved to a 'vision zero', or 'safe system' style. The aim of this study was to analyse the successful Swedish, United Kingdom and Dutch road safety strategies against the older, and newer, Australian road safety strategies, with respect to their foundations in system theory and safety models. Analysis of the strategies against these foundations could indicate potential improvements. The content of four modern cases of road safety strategy was compared against each other, reviewed against scientific systems theory and reviewed against types of safety model. The strategies contained substantial similarities, but were different in terms of fundamental constructs and principles, with limited theoretical basis. The results indicate that the modern strategies do not include essential aspects of systems theory that describe relationships and interdependencies between key components. The description of these strategies as systems is therefore not well founded and deserves further development. Copyright © 2014 Elsevier Ltd. All rights reserved.

Use of safety analysis results to support process operation

International Nuclear Information System (INIS)

Karvonen, I.; Heino, P.

1990-01-01

Safety and risk analysis carried out during the design phase of a process plant produces useful knowledge about the behavior and the disturbances of the system. This knowledge, however, often remains to the designer though it would be of benefit to the operators and supervisors of the process plant, too. In Technical Research Centre of Finland a project has been started to plan and construct a prototype of an information system to make use of the analysis knowledge during the operation phase. The project belongs to a Nordic KRM project (Knowledge Based Risk Management System). The information system is planned to base on safety and risk analysis carried out during the design phase and completed with operational experience. The safety analysis includes knowledge about potential disturbances, their causes and consequences in the form of Hazard and Operability Study, faut trees and/or event trees. During the operation disturbances can however, occur, which are not included in the safety analysis, or the causes or consequences of which have been incompletely identified. Thus the information system must also have an interface for the documentation of the operational knowledge missing from the analysis results. The main tasks off the system when supporting the management of a disturbance are to identify it (or the most important of the coexistent ones) from the stored knowledge and to present it in a proper form (for example as a deviation graph). The information system may also be used to transfer knowledge from one shift to another and to train process personnel

Preliminary Analysis of a Steam Line Break Accident with the MARS-KS code for the SMART Design with Passive Safety Systems

Energy Technology Data Exchange (ETDEWEB)

Kang, Doohyuk; Ko, Yungjoo; Suh, Jaeseung [Hannam Univ., Daejeon (Korea, Republic of); Bae, Hwang; Ryu, Sunguk; Yi, Sungjae; Park, Hyunsik [Korea Atomic Energy Research Institute, Daejeon (Korea, Republic of)

2014-05-15

SMART has been developed by KAERI, and SMART-Standard Design Approval (SDA) was recently granted in 2012. A SMART design with Passive Safety System (PSS) features (called SMART-PSS) is being developed and added to the standard design of SMART by KAERI to improve its safety system. Active safety systems such as safety injection pumps will be replaced by a passive safety system, which is actuated only by the gravity force caused by the height difference. All tanks for the passive safety systems are higher than the injection nozzle, which is located around the reactor coolant pumps (RCPs). In this study, a preliminary analysis of the main steam line break accident (MSLB) was performed using the MARS-KS code to understand the general behavior of the SMART-PSS design and to prepare its validation test with the SMART-ITL (FESTA) facility. An anticipated accident for the main steam line break (MSLB) was performed using the MARS-KS code to understand the thermal-hydraulic behaviors of the SMART-PSS design. The preliminary analysis provides good insight into the passive safety system design features of the SMART-PSS and the thermal-hydraulic characteristics of the SMART design. The analysis results of the MSLB showed that the core water collapsed level inside the core support barrel was maintained high over the active core top level during the transient period. Therefore, the SMART-PSS design has satisfied the requirements to maintain the plant at a safe shutdown condition during 72 hours without AC power or operator action after an anticipated accident.

The LHC personnel safety system

International Nuclear Information System (INIS)

Ninin, P.; Valentini, F.; Ladzinski, T.

2011-01-01

Large particle physics installations such as the CERN Large Hadron Collider require specific Personnel Safety Systems (PSS) to protect the personnel against the radiological and industrial hazards. In order to fulfill the French regulation in matter of nuclear installations, the principles of IEC 61508 and IEC 61513 standard are used as a methodology framework to evaluate the criticality of the installation, to design and to implement the PSS.The LHC PSS deals with the implementation of all physical barriers, access controls and interlock devices around the 27 km of underground tunnel, service zones and experimental caverns of the LHC. The system shall guarantee the absence of personnel in the LHC controlled areas during the machine operations and, on the other hand, ensure the automatic accelerator shutdown in case of any safety condition violation, such as an intrusion during beam circulation. The LHC PSS has been conceived as two separate and independent systems: the LHC Access Control System (LACS) and the LHC Access Safety System (LASS). The LACS, using off the shelf technologies, realizes all physical barriers and regulates all accesses to the underground areas by identifying users and checking their authorizations.The LASS has been designed according to the principles of the IEC 61508 and 61513 standards, starting from a risk analysis conducted on the LHC facility equipped with a standard access control system. It consists in a set of safety functions realized by a dedicated fail-safe and redundant hardware guaranteed to be of SIL3 class. The integration of various technologies combining electronics, sensors, video and operational procedures adopted to establish an efficient personnel safety system for the CERN LHC accelerator is presented in this paper. (authors)

Swimming pool reactor reliability and safety analysis

International Nuclear Information System (INIS)

Li Zhaohuan

1997-01-01

A reliability and safety analysis of Swimming Pool Reactor in China Institute of Atomic Energy is done by use of event/fault tree technique. The paper briefly describes the analysis model, analysis code and main results. Meanwhile it also describes the impact of unassigned operation status on safety, the estimation of effectiveness of defense tactics in maintenance against common cause failure, the effectiveness of recovering actions on the system reliability, the comparison of occurrence frequencies of the core damage by use of generic and specific data

Use of computational fluid dynamics codes for safety analysis of nuclear reactor systems, including containment. Summary report of a technical meeting

International Nuclear Information System (INIS)

2003-11-01

Safety analysis is an important tool for justifying the safety of nuclear power plants. Typically, this type of analysis is performed by means of system computer codes with one dimensional approximation for modelling real plant systems. However, in the nuclear area there are issues for which traditional treatment using one dimensional system codes is considered inadequate for modelling local flow and heat transfer phenomena. There is therefore increasing interest in the application of three dimensional computational fluid dynamics (CFD) codes as a supplement to or in combination with system codes. There are a number of both commercial (general purpose) CFD codes as well as special codes for nuclear safety applications available. With further progress in safety analysis techniques, the increasing use of CFD codes for nuclear applications is expected. At present, the main objective with respect to CFD codes is generally to improve confidence in the available analysis tools and to achieve a more reliable approach to safety relevant issues. An exchange of views and experience can facilitate and speed up progress in the implementation of this objective. Both the International Atomic Energy Agency (IAEA) and the Nuclear Energy Agency of the Organisation for Economic Co-operation and Development (OECD/NEA) believed that it would be advantageous to provide a forum for such an exchange. Therefore, within the framework of the Working Group on the Analysis and Management of Accidents of the NEA's Committee on the Safety of Nuclear Installations, the IAEA and the NEA agreed to jointly organize the Technical Meeting on the Use of Computational Fluid Dynamics Codes for Safety Analysis of Reactor Systems, including Containment. The meeting was held in Pisa, Italy, from 11 to 14 November 2002. The publication constitutes the report of the Technical Meeting. It includes short summaries of the presentations that were made and of the discussions as well as conclusions and

Development of Operational Safety Monitoring System and Emergency Preparedness Advisory System for CANDU Reactors (I)

International Nuclear Information System (INIS)

Kim, Ma Woong; Shin, Hyeong Ki; Lee, Sang Kyu; Kim, Hyun Koon; Yoo, Kun Joong; Ryu, Yong Ho; Son, Han Seong; Song, Deok Yong

2007-01-01

As increase of operating nuclear power plants, an accident monitoring system is essential to ensure the operational safety of nuclear power plant. Thus, KINS has developed the Computerized Advisory System for a Radiological Emergency (CARE) system to monitor the operating status of nuclear power plant continuously. However, during the accidents or/and incidents some parameters could not be provided from the process computer of nuclear power plant to the CARE system due to limitation of To enhance the CARE system more effective for CANDU reactors, there is a need to provide complement the feature of the CARE in such a way to providing the operating parameters using to using safety analysis tool such as CANDU Integrated Safety Analysis System (CISAS) for CANDU reactors. In this study, to enhance the safety monitoring measurement two computerized systems such as a CANDU Operational Safety Monitoring System (COSMOS) and prototype of CANDU Emergency Preparedness Advisory System (CEPAS) are developed. This study introduces the two integrated safety monitoring system using the R and D products of the national mid- and long-term R and D such as CISAS and ISSAC code

Application of Software Safety Analysis Methods

International Nuclear Information System (INIS)

Park, G. Y.; Hur, S.; Cheon, S. W.; Kim, D. H.; Lee, D. Y.; Kwon, K. C.; Lee, S. J.; Koo, Y. H.

2009-01-01

A fully digitalized reactor protection system, which is called the IDiPS-RPS, was developed through the KNICS project. The IDiPS-RPS has four redundant and separated channels. Each channel is mainly composed of a group of bistable processors which redundantly compare process variables with their corresponding setpoints and a group of coincidence processors that generate a final trip signal when a trip condition is satisfied. Each channel also contains a test processor called the ATIP and a display and command processor called the COM. All the functions were implemented in software. During the development of the safety software, various software safety analysis methods were applied, in parallel to the verification and validation (V and V) activities, along the software development life cycle. The software safety analysis methods employed were the software hazard and operability (Software HAZOP) study, the software fault tree analysis (Software FTA), and the software failure modes and effects analysis (Software FMEA)

Plutonium finishing plant safety systems and equipment list

International Nuclear Information System (INIS)

Bergquist, G.G.

1995-01-01

The Safety Equipment List (SEL) supports Analysis Report (FSAR), WHC-SD-CP-SAR-021 and the Plutonium Finishing Plant Operational Safety Requirements (OSRs), WHC-SD-CP-OSR-010. The SEL is a breakdown and classification of all Safety Class 1, 2, and 3 equipment, components, or system at the Plutonium Finishing Plant complex

Reactor safety systems

International Nuclear Information System (INIS)

Kafka, P.

1975-01-01

The spectrum of possible accidents may become characterized by the 'maximum credible accident', which will/will not happen. Similary, the performance of safety systems in a multitude of situations is sometimes simplified to 'the emergency system will/will not work' or even 'reactors are/ are not safe'. In assessing safety, one must avoid this fallacy of reducing a complicated situation to the simple black-and-white picture of yes/no. Similarly, there is a natural tendency continually to improve the safety of a system to assure that it is 'safe enough'. Any system can be made safer and there is usually some additional cost. It is important to balance the increased safety against the increased costs. (orig.) [de

Survey of electronic safety systems in accelerator applications

International Nuclear Information System (INIS)

Mahoney, K.

1997-01-01

This paper presents the preliminary results and analysis of a comprehensive survey of the implementation of accelerator safety interlock systems from over 30 international labs. At the present time there is not a self consistent means to evaluate both the experiences and level of protection provided by electronic safety interlock systems. This research is intended to analyze the strength and weaknesses of several different types of interlock system implementation methodologies. Research, medical, and industrial accelerators are compared. Thomas Jefferson National Accelerator Facility (TJNAF) was one of the first large particle accelerators to implement a safety interlock system using programmable logic controllers. Since that time all of the major new U.S. accelerator construction projects plan to use some form of programmable electronics as part of a safety interlock system in some capacity

Combining soft system methodology and pareto analysis in safety management performance assessment : an aviation case

NARCIS (Netherlands)

Karanikas, Nektarios

2016-01-01

Although reengineering is strategically advantageous for organisations in order to keep functional and sustainable, safety must remain a priority and respective efforts need to be maintained. This paper suggests the combination of soft system methodology (SSM) and Pareto analysis on the scope of

Reactor system safety assurance

International Nuclear Information System (INIS)

Mattson, R.J.

1984-01-01

The philosophy of reactor safety is that design should follow established and conservative engineering practices, there should be safety margins in all modes of plant operation, special systems should be provided for accidents, and safety systems should have redundant components. This philosophy provides ''defense in depth.'' Additionally, the safety of nuclear power plants relies on ''safety systems'' to assure acceptable response to design basis events. Operating experience has shown the need to study plant response to more frequent upset conditions and to account for the influence of operators and non-safety systems on overall performance. Defense in depth is being supplemented by risk and reliability assessment

RELOSS, Reliability of Safety System by Fault Tree Analysis

International Nuclear Information System (INIS)

Allan, R.N.; Rondiris, I.L.; Adraktas, A.

1981-01-01

1 - Description of problem or function: Program RELOSS is used in the reliability/safety assessment of any complex system with predetermined operational logic in qualitative and (if required) quantitative terms. The program calculates the possible system outcomes following an abnormal operating condition and the probability of occurrence, if required. Furthermore, the program deduces the minimal cut or tie sets of the system outcomes and identifies the potential common mode failures. 4. Method of solution: The reliability analysis performed by the program is based on the event tree methodology. Using this methodology, the program develops the event tree of a system or a module of that system and relates each path of this tree to its qualitative and/or quantitative impact on specified system or module outcomes. If the system being analysed is subdivided into modules the program assesses each module in turn as described previously and then combines the module information to obtain results for the overall system. Having developed the event tree of a module or a system, the program identifies which paths lead or do not lead to various outcomes depending on whether the cut or the tie sets of the outcomes are required and deduces the corresponding sets. Furthermore the program identifies for a specific system outcome, the potential common mode failures and the cut or tie sets containing potential dependent failures of some components. 5. Restrictions on the complexity of the problem: The present dimensions of the program are as follows. They can however be easily modified: Maximum number of modules (equivalent components): 25; Maximum number of components in a module: 15; Maximum number of levels of parentheses in a logical statement: 10 Maximum number of system outcomes: 3; Maximum number of module outcomes: 2; Maximum number of points in time for which quantitative analysis is required: 5; Maximum order of any cut or tie set: 10; Maximum order of a cut or tie of any

Software Safety Life cycle and Method of POSAFE-Q System

International Nuclear Information System (INIS)

Lee, Jang-Soo; Kwon, Kee-Choon

2006-01-01

This paper describes the relationship between the overall safety life cycle and the software safety life cycle during the development of the software based safety systems of Nuclear Power Plants. This includes the design and evaluation activities of components as well as the system. The paper also compares the safety life cycle and planning activities defined in IEC 61508 with those in IEC 60880, IEEE 7-4.3.2, and IEEE 1228. Using the KNICS project as an example, software safety life cycle and safety analysis methods applied to the POSAFE-Q are demonstrated. KNICS software safety life cycle is described by comparing to the software development, testing, and safety analysis process with international standards. The safety assessment of the software for POSAFE-Q is a joint Korean German project. The assessment methods applied in the project and the experiences gained from this project are presented

Analysis of tank safety with propane-butane on LPG distribution station

Directory of Open Access Journals (Sweden)

Krzysiak Zbigniew

2017-12-01

Full Text Available An analysis of the risk of failure in the safety valve – tank with propane-butane (LPG system has been conducted. An uncontrolled outflow of liquid LPG, caused by a failure of the above mentioned system has been considered as a threat. The main research goal of the study is the hazardous analysis of propane-butane gas outflow for the safety valve – LPG tank system. The additional goal is the development of an useful method to fast identify the hazard of a mismatched safety valve. The results of the research analysis have confirmed that safety valves are basic protection of the installation (tank against failures that can lead to loss of life, material damage and further undesired costs of their unreliability. That is why a new, professional computer program has been created that allows for the selection of safety valves or for the verification of a safety valve selection in installations where any technical or technological changes have been made.

Software safety analysis application in installation phase

International Nuclear Information System (INIS)

Huang, H. W.; Yih, S.; Wang, L. H.; Liao, B. C.; Lin, J. M.; Kao, T. M.

2010-01-01

This work performed a software safety analysis (SSA) in the installation phase of the Lungmen nuclear power plant (LMNPP) in Taiwan, under the cooperation of INER and TPC. The US Nuclear Regulatory Commission (USNRC) requests licensee to perform software safety analysis (SSA) and software verification and validation (SV and V) in each phase of software development life cycle with Branch Technical Position (BTP) 7-14. In this work, 37 safety grade digital instrumentation and control (I and C) systems were analyzed by Failure Mode and Effects Analysis (FMEA), which is suggested by IEEE Standard 7-4.3.2-2003. During the installation phase, skew tests for safety grade network and point to point tests were performed. The FMEA showed all the single failure modes can be resolved by the redundant means. Most of the common mode failures can be resolved by operator manual actions. (authors)

Using Addenda in Documented Safety Analysis Reports

International Nuclear Information System (INIS)

Swanson, D.S.; Thieme, M.A.

2003-01-01

This paper discusses the use of addenda to the Radioactive Waste Management Complex (RWMC) Documented Safety Analysis (DSA) located at the Idaho National Engineering and Environmental Laboratory (INEEL). Addenda were prepared for several systems and processes at the facility that lacked adequate descriptive information and hazard analysis in the DSA. They were also prepared for several new activities involving unreviewed safety questions (USQs). Ten addenda to the RWMC DSA have been prepared since the last annual update

Guidelines for nuclear reactor equipments safety-analysis

International Nuclear Information System (INIS)

1978-01-01

The safety analysis in approving the applications for nuclear reactor constructions (or alterations) is performed by the Committee on Examination of Reactor Safety in accordance with various guidelines prescribed by the Atomic Energy Commission. In addition, the above Committee set forth its own regulations for the safety analysis on common problems among various types of nuclear reactors. This book has collected and edited those guidelines and regulations. It has two parts: Part I includes the guidelines issued to date by the Atomic Energy Commission: and Part II - regulations of the Committee. Part I has collected 8 categories of guidelines which relate to following matters: nuclear reactor sites analysis guidelines and standards for their applications; standard exposure dose of plutonium; nuclear ship operation guidelines; safety design analysis guidelines for light-water type, electricity generating nuclear reactor equipments; safety evaluation guidelines for emergency reactor core cooling system of light-water type power reactors; guidelines for exposure dose target values around light-water type electricity generating nuclear reactor equipments, and guidelines for evaluation of above target values; and meteorological guidelines for the safety analysis of electricity generating nuclear reactor equipments. Part II includes regulations of the Committee concerning - the fuel assembly used in boiling-water type and in pressurized-water type reactors; techniques of reactor core heat designs, etc. in boiling-water reactors; and others

Reliability analysis of safety systems of nuclear power plant and utility experience with reliability safeguarding of systems during specified normal operation

International Nuclear Information System (INIS)

Balfanz, H.P.

1989-01-01

The paper gives an outline of the methods applied for reliability analysis of safety systems in nuclear power plant. The main tasks are to check the system design for detection of weak points, and to find possibilities of optimizing the strategies for inspection, inspection intervals, maintenance periods. Reliability safeguarding measures include the determination and verification of the broundary conditions of the analysis with regard to the reliability parameters and maintenance parameters used in the analysis, and the analysis of data feedback reflecting the plant response during operation. (orig.) [de

Support analysis for safety analysis development for CANDU nuclear power plant

International Nuclear Information System (INIS)

Bedreaga, L.; Florescu, Gh.; Apostol, M.; Nitoi, M.

2004-01-01

Probabilistic Safety Assessment analysis (PSA) is a technique used to assess the safety of a nuclear power plant. Assessments of the nuclear plant systems/components from safety point of view consist in accomplishment of a lot of support analyses that are the base for the main analysis, in order to evaluate the impact of occurrences of abnormal states for these systems. Evaluation of initiating events frequency and components failure rate is based on underlying probabilistic theory and mathematic statistics. Some of these analyses are detailed analyses and are known very well in PSA. There are also some analyses, named support analyses for PSA, which are very important but less applicable because they involve a huge human effort and hardware facilities to accomplish. The usual methods applicable in PSA such as input data extracted from the specific documentation (operation procedures, testing procedures, maintenance procedures and so on) or conservative evaluation provide a high level of uncertainty for both input and output data. The paper describes support analysis required to improve the certainty level in evaluation of reliability parameters and also in the final results (either risk, reliability or safety assessment). (author)

Deterministic Safety Analysis for Nuclear Power Plants. Specific Safety Guide (Russian Edition)

International Nuclear Information System (INIS)

2014-01-01

The objective of this Safety Guide is to provide harmonized guidance to designers, operators, regulators and providers of technical support on deterministic safety analysis for nuclear power plants. It provides information on the utilization of the results of such analysis for safety and reliability improvements. The Safety Guide addresses conservative, best estimate and uncertainty evaluation approaches to deterministic safety analysis and is applicable to current and future designs. Contents: 1. Introduction; 2. Grouping of initiating events and associated transients relating to plant states; 3. Deterministic safety analysis and acceptance criteria; 4. Conservative deterministic safety analysis; 5. Best estimate plus uncertainty analysis; 6. Verification and validation of computer codes; 7. Relation of deterministic safety analysis to engineering aspects of safety and probabilistic safety analysis; 8. Application of deterministic safety analysis; 9. Source term evaluation for operational states and accident conditions; References

Application of safety checklist to the analysis of the IEA-R1 reactor water retreatment system

International Nuclear Information System (INIS)

Sauer, Maria Eugenia Lago Jacques; Sara Neto, Antonio Jorge; Lima, Toni Carlos Caboclo de; Ribeiro, Maria Alice Morato

2005-01-01

In 1999, the management of the IEA-R1 Research Reactor (pool type - 5 MWth), located at IPEN/CNEN-SP, started the evaluation of the Reactor Pool Water Retreatment System to identify operational aspects, which could compromise the operators safety. The purpose was to identify and propose enhancements to the system which would be installed to substitute for the existing one. This process was conducted through a qualitative study of the system in operation. This study was carried out by a team composed of specialists in reactor operation, systems maintenance and radiological protection, and one safety analyst. The study consisted, basically, in local inspections to verify the physical and operational conditions of each equipment / component as well as aspects related to maintenance activities of the system. The process control and the operator procedures associated with the retreatment of the reactor pool water were also reviewed. The methodology adopted to develop the study was based in process hazard analysis technique named Safety Checklist. This paper presents a summary of this study and the main results obtained. Some operational and safety problems identified, the prevention and/or correction means to avoid them, and the recommendations and suggestions that have been implemented to the new design of the IEA-R1 Reactor Water Retreatment System, whose installation was concluded in 2003, are also presented. (author)

K Basin safety analysis

International Nuclear Information System (INIS)

Porten, D.R.; Crowe, R.D.

1994-01-01

The purpose of this accident safety analysis is to document in detail, analyses whose results were reported in summary form in the K Basins Safety Analysis Report WHC-SD-SNF-SAR-001. The safety analysis addressed the potential for release of radioactive and non-radioactive hazardous material located in the K Basins and their supporting facilities. The safety analysis covers the hazards associated with normal K Basin fuel storage and handling operations, fuel encapsulation, sludge encapsulation, and canister clean-up and disposal. After a review of the Criticality Safety Evaluation of the K Basin activities, the following postulated events were evaluated: Crane failure and casks dropped into loadout pit; Design basis earthquake; Hypothetical loss of basin water accident analysis; Combustion of uranium fuel following dryout; Crane failure and cask dropped onto floor of transfer area; Spent ion exchange shipment for burial; Hydrogen deflagration in ion exchange modules and filters; Release of Chlorine; Power availability and reliability; and Ashfall

Selection and verification of safety parameters in safety parameter display system for nuclear power plants

International Nuclear Information System (INIS)

Zhang Yuangfang

1992-02-01

The method and results for safety parameter selection and its verification in safety parameter display system of nuclear power plants are introduced. According to safety analysis, the overall safety is divided into six critical safety functions, and a certain amount of safety parameters which can represent the integrity degree of each function and the causes of change are strictly selected. The verification of safety parameter selection is carried out from the view of applying the plant emergency procedures and in the accident man oeuvres on a full scale nuclear power plant simulator

A proposal for performing software safety hazard analysis

International Nuclear Information System (INIS)

Lawrence, J.D.; Gallagher, J.M.

1997-01-01

Techniques for analyzing the safety and reliability of analog-based electronic protection systems that serve to mitigate hazards in process control systems have been developed over many years, and are reasonably understood. An example is the protection system in a nuclear power plant. The extension of these techniques to systems which include digital computers is not well developed, and there is little consensus among software engineering experts and safety experts on how to analyze such systems. One possible technique is to extend hazard analysis to include digital computer-based systems. Software is frequently overlooked during system hazard analyses, but this is unacceptable when the software is in control of a potentially hazardous operation. In such cases, hazard analysis should be extended to fully cover the software. A method for performing software hazard analysis is proposed in this paper. The method concentrates on finding hazards during the early stages of the software life cycle, using an extension of HAZOP

PWR core safety analysis with 3-dimensional methods

International Nuclear Information System (INIS)

Gensler, A.; Kühnel, K.; Kuch, S.

2015-01-01

Highlights: • An overview of AREVA’s safety analysis codes their coupling is provided. • The validation base and licensing applications of these codes are summarized. • Coupled codes and methods provide improved margins and non-conservative results. • Examples for REA and inadvertent opening of the pressurizer safety valve are given. - Abstract: The main focus of safety analysis is to demonstrate the required safety level of the reactor core. Because of the demanding requirements, the quality of the safety analysis strongly affects the confidence in the operational safety of a reactor. To ensure the highest quality, it is essential that the methodology consists of appropriate analysis tools, an extensive validation base, and last but not least highly educated engineers applying the methodology. The sophisticated 3-dimensional core models applied by AREVA ensure that all physical effects relevant for safety are treated and the results are reliable and conservative. Presently AREVA employs SCIENCE, CASMO/NEMO and CASCADE-3D for pressurized water reactors. These codes are currently being consolidated into the next generation 3D code system ARCADIA®. AREVA continuously extends the validation base, including measurement campaigns in test facilities and comparisons of the predictions of steady state and transient measured data gathered from plants during many years of operation. Thus, the core models provide reliable and comprehensive results for a wide range of applications. For the application of these powerful tools, AREVA is taking benefit of its interdisciplinary know-how and international teamwork. Experienced engineers of different technical backgrounds are working together to ensure an appropriate interpretation of the calculation results, uncertainty analysis, along with continuously maintaining and enhancing the quality of the analysis methodologies. In this paper, an overview of AREVA’s broad application experience as well as the broad validation

Safety analysis for 'Fugen'

International Nuclear Information System (INIS)

1997-10-01

The improvement of safety in nuclear power stations is an important proposition. Therefore also as to the safety evaluation, it is important to comprehensively and systematically execute it by referring to the operational experience and the new knowledge which is important for the safety throughout the period of use as well as before the construction and the start of operation of nuclear power stations. In this report, the results when the safety analysis for ''Fugen'' was carried out by referring to the newest technical knowledge are described. As the result, it was able to be confirmed that the safety of ''Fugen'' has been secured by the inherent safety and the facilities which were designed for securing the safety. The basic way of thinking on the safety analysis including the guidelines to be conformed to is mentioned. As to the abnormal transient change in operation and accidents, their definition, the events to be evaluated and the standards for judgement are reported. The matters which were taken in consideration at the time of the analysis are shown. The computation programs used for the analysis were REACT, HEATUP, LAYMON, FATRAC, SENHOR, LOTRAC, FLOOD and CONPOL. The analyses of the abnormal transient change in operation and accidents are reported on the causes, countermeasures, protective functions and results. (K.I.)

Analysis of Critical Characteristics for Safety Graded Personnel Computers in the KNICS Architecture

International Nuclear Information System (INIS)

Lee, Hyun Chul; Lee, Dong Young

2009-01-01

Critical characteristics analysis of a safety related item is to identify characteristics to be verified to replace an original item with the dedicated item. It is sure that the dedicated item meeting critical characteristics would perform its intended safety function instead of the specified item. KNICS project developed two safety systems: IDiPS RPS (Reactor Protection System) and IDiPS ESF-CCS (Engineered Safety Features-Component Control System). Two safety systems of IDiPS are equipped with personnel computers, so-called COMs (Cabinet Operator Modules), in their cabinets. The personnel computers, COMs, are responsible for safety system monitoring, testing, and maintaining. Even though two safety systems are safety critical system, the personnel computers of two systems, i.e. COMs, are not graded as safety-graded items. Regulation requirements are expected to be strengthened, and the functions of the personnel computer may be enhanced to include safety-related functions and safety functions, it would be necessary that the grade of the personnel computers is adjusted to a higher level, the safety grade. To try to upgrade a non safety system, i.e. COMs, to a safety system, its safety functions and requirements, i.e. critical characteristics, must be identified and verified. This paper describes the process of the identification of critical characteristics and the results of analysis

Safety analysis and synthesis using fuzzy sets and evidential reasoning

International Nuclear Information System (INIS)

Wang, J.; Yang, J.B.; Sen, P.

1995-01-01

This paper presents a new methodology for safety analysis and synthesis of a complex engineering system with a structure that is capable of being decomposed into a hierarchy of levels. In this methodology, fuzzy set theory is used to describe each failure event and an evidential reasoning approach is then employed to synthesise the information thus produced to assess the safety of the whole system. Three basic parameters--failure likelihood, consequence severity and failure consequence probability, are used to analyse a failure event. These three parameters are described by linguistic variables which are characterised by a membership function to the defined categories. As safety can also be clearly described by linguistic variables referred to as the safety expressions, the obtained fuzzy safety score can be mapped back to the safety expressions which are characterised by membership functions over the same categories. This mapping results in the identification of the safety of each failure event in terms of the degree to which the fuzzy safety score belongs to each of the safety expressions. Such degrees represent the uncertainty in safety evaluations and can be synthesised using an evidential reasoning approach so that the safety of the whole system can be evaluated in terms of these safety expressions. Finally, a practical engineering example is presented to demonstrate the proposed safety analysis and synthesis methodology

Microbiological performance of Hazard Analysis Critical Control Point (HACCP)-based food safety management systems: A case of Nile perch processing company

NARCIS (Netherlands)

Kussaga, J.B.; Luning, P.A.; Tiisekwa, B.P.M.; Jacxsens, L.

2017-01-01

This study aimed at giving insight into microbiological safety output of a Hazard Analysis Critical Control Point (HACCP)-based Food Safety Management System (FSMS) of a Nile perch exporting company by using a combined assessment, This study aimed at giving insight into microbiological safety output

Analysis on safety production in coal mines Henan Province

Institute of Scientific and Technical Information of China (English)

KONG Liu-an; ZHANG Wen-yong

2006-01-01

Based on the rigorous situation of safety production in coal mines, the paper analyzed the statistical data of recent accidents indexes in Henan's coal mines. Using investigation and comparison analysis methods, a specified analysis on mining conditions, technical facility level, safety input and vocational quality of workers in Henan's coal mines was conducted. The result indicates that there have been existing such main safety production problems as weak safety management, low-level facilities, inadequate safety input and poor vocational quality and so on. Finally it proposes such reference solutions as to establish and perfect coal mining supervision and management system, to increase safety investment into techniques and facilities and to strengthen workers' safety education and introduction of more high-level professional talents.

OASIS: An automotive analysis and safety engineering instrument

International Nuclear Information System (INIS)

Mader, Roland; Armengaud, Eric; Grießnig, Gerhard; Kreiner, Christian; Steger, Christian; Weiß, Reinhold

2013-01-01

In this paper, we describe a novel software tool named OASIS (AutOmotive Analysis and Safety EngIneering InStrument). OASIS supports automotive safety engineering with features allowing the creation of consistent and complete work products and to simplify and automate workflow steps from early analysis through system development to software development. More precisely, it provides support for (a) model creation and reuse, (b) analysis and documentation and (c) configuration and code generation. We present OASIS as a part of a tool chain supporting the application of a safety engineering workflow aligned with the automotive safety standard ISO 26262. In particular, we focus on OASIS' (1) support for property checking and model correction as well as its (2) support for fault tree generation and FMEA (Failure Modes and Effects Analysis) table generation. Finally, based on the case study of hybrid electric vehicle development, we demonstrate that (1) and (2) are able to strongly support FTA (Fault Tree Analysis) and FMEA

Research on application of system of neutron, thermohydraulic and safety analysis codes in order to simulation of the Dalat Nuclear Research Reactor

International Nuclear Information System (INIS)

Pham Van Lam; Le Vinh Vinh; Huynh Ton Nghiem

2004-01-01

Requirements of neutron, thermohydraulic and safety analysis calculation are very important because of issuing new version of SAR for DNRR, research on construction of new research reactor and nuclear power plant. Research on application of system of neutron, thermohydraulic and safety analysis codes in order to simulation of the Dalat Nuclear Research Reactor has been done in the frame work of research theme in the year 2002-2003. The purposes of the research are maintaining safety operation of the DNRR and enhancement of man power and calculation and safety analysis tool potential. (author)

Conception of a PWR simulator as a tool for safety analysis

International Nuclear Information System (INIS)

Lanore, J.M.; Bernard, P.; Romeyer Dherbey, J.; Bonnet, C.; Quilchini, P.

1982-09-01

A simulator can be a very useful tool for safety analysis to study accident sequences involving malfunctions of the systems and operator interventions. The main characteristics of the simulator SALAMANDRE (description of the systems, physical models, programming organization, control desk) have then been selected according tot he objectives of safety analysis

Safety system status monitoring

International Nuclear Information System (INIS)

Lewis, J.R.; Morgenstern, M.H.; Rideout, T.H.; Cowley, P.J.

1984-03-01

The Pacific Northwest Laboratory has studied the safety aspects of monitoring the preoperational status of safety systems in nuclear power plants. The goals of the study were to assess for the NRC the effectiveness of current monitoring systems and procedures, to develop near-term guidelines for reducing human errors associated with monitoring safety system status, and to recommend a regulatory position on this issue. A review of safety system status monitoring practices indicated that current systems and procedures do not adequately aid control room operators in monitoring safety system status. This is true even of some systems and procedures installed to meet existing regulatory guidelines (Regulatory Guide 1.47). In consequence, this report suggests acceptance criteria for meeting the functional requirements of an adequate system for monitoring safety system status. Also suggested are near-term guidelines that could reduce the likelihood of human errors in specific, high-priority status monitoring tasks. It is recommended that (1) Regulatory Guide 1.47 be revised to address these acceptance criteria, and (2) the revised Regulatory Guide 1.47 be applied to all plants, including those built since the issuance of the original Regulatory Guide

Safety system status monitoring

Energy Technology Data Exchange (ETDEWEB)

Lewis, J.R.; Morgenstern, M.H.; Rideout, T.H.; Cowley, P.J.

1984-03-01

The Pacific Northwest Laboratory has studied the safety aspects of monitoring the preoperational status of safety systems in nuclear power plants. The goals of the study were to assess for the NRC the effectiveness of current monitoring systems and procedures, to develop near-term guidelines for reducing human errors associated with monitoring safety system status, and to recommend a regulatory position on this issue. A review of safety system status monitoring practices indicated that current systems and procedures do not adequately aid control room operators in monitoring safety system status. This is true even of some systems and procedures installed to meet existing regulatory guidelines (Regulatory Guide 1.47). In consequence, this report suggests acceptance criteria for meeting the functional requirements of an adequate system for monitoring safety system status. Also suggested are near-term guidelines that could reduce the likelihood of human errors in specific, high-priority status monitoring tasks. It is recommended that (1) Regulatory Guide 1.47 be revised to address these acceptance criteria, and (2) the revised Regulatory Guide 1.47 be applied to all plants, including those built since the issuance of the original Regulatory Guide.

Enhancement of safety analysis reliability for a CANDU-6 reactor using RELAP-CANDU/SCAN coupled code system

International Nuclear Information System (INIS)

Kim, Man Woong; Choi, Yong Seog; Sin, Chul; Kim, Hyun Koon; Kim, Hho Jung; Hwang, Su Hyun; Hong, In Seob; Kim, Chang Hyo

2005-01-01

In LOCA analysis of the CANDU reactor, the system thermal-hydraulic code, RELAP-CANDU, alone cannot predict the transient behavior accurately. Therefore, the best estimate neutronics and system thermal-hydraulic coupled code system is necessary to describe the transient behavior with higher accuracy and reliability. To perform on-line calculation of safety analysis for CANDU reactor, a coupled thermal hydraulics-neutronics code system was developed in such a way that the best-estimate thermal-hydraulic system code for CANDU reactor, RELAP-CANDU, is coupled with the full three-dimensional reactor core kinetic code

Guidance for preparation of safety analysis reports for nonreactor facilities and operations

International Nuclear Information System (INIS)

1992-01-01

Department of Energy (DOE) Orders 5480.23, ''Nuclear Safety Analysis Reports,'' and 5481.1B, ''Safety Analysis and Review System'' require the preparation of appropriate safety analyses for each DOE operation and subsequent significant modifications including decommissioning, and independent review of each safety analysis. The purpose of this guide is to assist in the preparation and review of safety documentation for Oak Ridge Field Office (OR) nonreactor facilities and operation. Appendix A lists DOE Orders, NRC Regulatory Guides and other documents applicable to the preparation of safety analysis reports

Structural analysis of a rehabilitative training system based on a ceiling rail for safety of hemiplegia patients.

Science.gov (United States)

Kim, Kyong; Song, Won Kyung; Chong, Woo Suk; Yu, Chang Ho

2018-04-17

The body-weight support (BWS) function, which helps to decrease load stresses on a user, is an effective tool for gait and balance rehabilitation training for elderly people with weakened lower-extremity muscular strength, hemiplegic patients, etc. This study conducts structural analysis to secure user safety in order to develop a rail-type gait and balance rehabilitation training system (RRTS). The RRTS comprises a rail, trolley, and brain-machine interface. The rail (platform) is connected to the ceiling structure, bearing the loads of the RRTS and of the user and allowing locomobility. The trolley consists of a smart drive unit (SDU) that assists the user with forward and backward mobility and a body-weight support (BWS) unit that helps the user to control his/her body-weight load, depending on the severity of his/her hemiplegia. The brain-machine interface estimates and measures on a real-time basis the body-weight (load) of the user and the intended direction of his/her movement. Considering the weight of the system and the user, the mechanical safety performance of the system frame under an applied 250-kg static load is verified through structural analysis using ABAQUS (6.14-3) software. The maximum stresses applied on the rail and trolley under the given gravity load of 250 kg, respectively, are 18.52 MPa and 48.44 MPa. The respective safety factors are computed to be 7.83 and 5.26, confirming the RRTS's mechanical safety. An RRTS with verified structural safety could be utilized for gait movement and balance rehabilitation and training for patients with hemiplegia.

Review of design criteria and safety analysis of safety class electric building for fuel test loop

Energy Technology Data Exchange (ETDEWEB)

Kim, J. Y.

1998-02-01

Steady state fuel test loop will be equipped in HANARO to obtain the development and betterment of advanced fuel and materials through the irradiation tests. HANARO fuel test loop was designed for CANDU and PWR fuel testing. Safety related system of Fuel Test Loop such as emergency cooling water system, component cooling water system, safety ventilation system, high energy line break mitigation system and remote control room was required 1E class electric supply to meet the safety operation in accordance with related code. Therefore, FTL electric building was designed to construction and install the related equipment based on seismic category I. The objective of this study is to review the design criteria and analysis the safety function of safety class electric building for fuel test loop, and this results will become guidance for the irradiation testing in future. (author). 10 refs., 6 tabs., 30 figs.

Enhancing Safety of Artificially Ventilated Patients Using Ambient Process Analysis.

Science.gov (United States)

Lins, Christian; Gerka, Alexander; Lüpkes, Christian; Röhrig, Rainer; Hein, Andreas

2018-01-01

In this paper, we present an approach for enhancing the safety of artificially ventilated patients using ambient process analysis. We propose to use an analysis system consisting of low-cost ambient sensors such as power sensor, RGB-D sensor, passage detector, and matrix infrared temperature sensor to reduce risks for artificially ventilated patients in both home and clinical environments. We describe the system concept and our implementation and show how the system can contribute to patient safety.

Traceability of Software Safety Requirements in Legacy Safety Critical Systems

Science.gov (United States)

Hill, Janice L.

2007-01-01

How can traceability of software safety requirements be created for legacy safety critical systems? Requirements in safety standards are imposed most times during contract negotiations. On the other hand, there are instances where safety standards are levied on legacy safety critical systems, some of which may be considered for reuse for new applications. Safety standards often specify that software development documentation include process-oriented and technical safety requirements, and also require that system and software safety analyses are performed supporting technical safety requirements implementation. So what can be done if the requisite documents for establishing and maintaining safety requirements traceability are not available?

Development and applications of a safety assessment system for promoting safety culture in nuclear power plants

International Nuclear Information System (INIS)

Takano, Ken-ichi; Hasegawa, Naoko; Hirose, Ayako; Hayase, Ken-ichi

2004-01-01

For past five years, CRIEPI has been continuing efforts to develop and make applications of a 'safety assessment system' which enable to measure the safety level of organization. This report describe about frame of the system, assessment results and its reliability, and relation between labor accident rate in the site and total safety index (TSI), which can be obtained by the principal factors analysis. The safety assessment in this report is based on questionnaire survey of employee. The format and concrete questionnaires were developed using existing literatures including organizational assessment tools. The tailored questionnaire format involved 124 questionnaire items. The assessment results could be considered as a well indicator of the safety level of organization, safety management, and safety awareness of employee. (author)

Safety analysis of reactor's cooling system

International Nuclear Information System (INIS)

1999-01-01

Results of the analysis of reactor's RBMK-1500 coolant system during normal operation mode, hydrodynamic testing and in the case of earthquake are presented. Analysis was performed using RELAP5 code. Calculations showed the most vulnerable place in the reactor's coolant system. It was found that in the case of earthquake the horizontal support system of drum separator could be damaged

C-Band Airport Surface Communications System Engineering-Initial High-Level Safety Risk Assessment and Mitigation

Science.gov (United States)

Zelkin, Natalie; Henriksen, Stephen

2011-01-01

This document is being provided as part of ITT's NASA Glenn Research Center Aerospace Communication Systems Technical Support (ACSTS) contract: "New ATM Requirements--Future Communications, C-Band and L-Band Communications Standard Development." ITT has completed a safety hazard analysis providing a preliminary safety assessment for the proposed C-band (5091- to 5150-MHz) airport surface communication system. The assessment was performed following the guidelines outlined in the Federal Aviation Administration Safety Risk Management Guidance for System Acquisitions document. The safety analysis did not identify any hazards with an unacceptable risk, though a number of hazards with a medium risk were documented. This effort represents an initial high-level safety hazard analysis and notes the triggers for risk reassessment. A detailed safety hazards analysis is recommended as a follow-on activity to assess particular components of the C-band communication system after the profile is finalized and system rollout timing is determined. A security risk assessment has been performed by NASA as a parallel activity. While safety analysis is concerned with a prevention of accidental errors and failures, the security threat analysis focuses on deliberate attacks. Both processes identify the events that affect operation of the system; and from a safety perspective the security threats may present safety risks.

Towards the Development of a Methodology for the Cyber Security Analysis of Safety Related Nuclear Digital I and C Systems

International Nuclear Information System (INIS)

Khand, Parvaiz Ahmed; Seong, Poong Hyun

2007-01-01

In nuclear power plants the redundant safety related systems are designed to take automatic action to prevent and mitigate accident conditions if the operators and the non-safety systems fail to maintain the plant within normal operating conditions. In case of an event, the failure of these systems has catastrophic consequences. The tendency in the industry over the past 10 years has been to use of commercial of the shelf (COTS) technologies in these systems. COTS software was written with attention to function and performance rather than security. COTS hardware usually designed to fail safe, but security vulnerabilities could be exploited by an attacker to disable the fail safe mechanisms. Moreover, the use of open protocols and operating systems in these technologies make the plants to become vulnerable to a host of cyber attacks. An effective security analysis process is required during all life cycle phases of these systems in order to ensure the security from cyber attacks. We are developing a methodology for the cyber security analysis of safety related nuclear digital I and C Systems. This methodology will cover all phases of development, operation and maintenance processes of software life cycle. In this paper, we will present a security analysis process for the concept stage of software development life cycle

Safety analysis report for packaging (onsite) steel drum

International Nuclear Information System (INIS)

McCormick, W.A.

1998-01-01

This Safety Analysis Report for Packaging (SARP) provides the analyses and evaluations necessary to demonstrate that the steel drum packaging system meets the transportation safety requirements of HNF-PRO-154, Responsibilities and Procedures for all Hazardous Material Shipments, for an onsite packaging containing Type B quantities of solid and liquid radioactive materials. The basic component of the steel drum packaging system is the 208 L (55-gal) steel drum

SCALE 5: Powerful new criticality safety analysis tools

International Nuclear Information System (INIS)

Bowman, Stephen M.; Hollenbach, Daniel F.; Dehart, Mark D.; Rearden, Bradley T.; Gauld, Ian C.; Goluoglu, Sedat

2003-01-01

Version 5 of the SCALE computer software system developed at Oak Ridge National Laboratory, scheduled for release in December 2003, contains several significant new modules and sequences for criticality safety analysis and marks the most important update to SCALE in more than a decade. This paper highlights the capabilities of these new modules and sequences, including continuous energy flux spectra for processing multigroup problem-dependent cross sections; one- and three-dimensional sensitivity and uncertainty analyses for criticality safety evaluations; two-dimensional flexible mesh discrete ordinates code; automated burnup-credit analysis sequence; and one-dimensional material distribution optimization for criticality safety. (author)

The Oak Ridge Research Reactor: safety analysis: Volume 2, supplement 2

International Nuclear Information System (INIS)

Hurt, S.S.

1986-11-01

The Oak Ridge Research Reactor Safety Analysis was last updated via ORNL-4169, Vol. 2, Supplement 1, in May of 1978. Since that date, several changes have been effected through the change-memo system described below. While these changes have involved the cooling system, the electrical system, and the reactor instrumentation and controls, they have not, for the most part, presented new or unreviewed safety questions. However, some of the changes have been based on questions or recommendations stemming from safety reviews or from reactor events at other sites. This paper discusses those changes which were judged to be safety related and which include revisions to the syphon-break system and changes related to seismic considerations which were very recently completed. The maximum hypothetical accident postulated in the original safety analysis requires dynamic containment and filtered flow for compliance with 10CFR100 limits at the site boundary

Safety design guide for safety related systems for CANDU 9

International Nuclear Information System (INIS)

Lee, Duk Su; Chang, Woo Hyun; Lee, Nam Young; A. C. D. Wright

1996-03-01

In general, two types of safety related systems and structures exist in the nuclear plant; The one is a systems and structures which perform safety functions during the normal operation of the plant, and the other is a systems and structures which perform safety functions to mitigate events caused by failure of the normally operating systems or by naturally occurring phenomena. In this safety design guide, these systems are identified in detail, and the major events for which the safety functions are required and the major safety requirements are identified in the list. As the probabilistic safety assessments are completed during the course of the project, additions or deletions to the list may be justified. 3 tabs. (Author) .new

Safety design guide for safety related systems for CANDU 9

Energy Technology Data Exchange (ETDEWEB)

Lee, Duk Su; Chang, Woo Hyun; Lee, Nam Young [Korea Atomic Energy Research Institute, Daeduk (Korea, Republic of); Wright, A.C.D. [Atomic Energy of Canada Ltd., Toronto (Canada)

1996-03-01

In general, two types of safety related systems and structures exist in the nuclear plant; The one is a systems and structures which perform safety functions during the normal operation of the plant, and the other is a systems and structures which perform safety functions to mitigate events caused by failure of the normally operating systems or by naturally occurring phenomena. In this safety design guide, these systems are identified in detail, and the major events for which the safety functions are required and the major safety requirements are identified in the list. As the probabilistic safety assessments are completed during the course of the project, additions or deletions to the list may be justified. 3 tabs. (Author) .new.

Proposal of Integrated Safety Assessment Methodology for Embedded System

International Nuclear Information System (INIS)

Sun, Wei; Kageyama, Makoto; Kanemoto, Shigeru

2011-01-01

To do risk analysis and risk evaluation for complicated safety critical embedded systems, there are three things should be paid a good attention: 1) an efficient and integrated model expression of embedded systems: 2) systematic risk analysis based on integrated system model: 3) quantitative risk evaluation for software and hardware integrated system. In this paper, taken electric water boiler as a target system, a proposal of risk analysis and risk evaluation for the embedded system is presented to meet these three purposes. In risk analysis, MFM is used and FT is generated automatically from MFM following some rules: And in risk evaluation, GO-FLOW is used to evaluate the reliability of sensors. And furthermore, FIT is applied to evaluate the safety software logic based on the diversity design concept. Although the electric water boiler is a simple example, it includes the key components of the embedded system like sensors, actuators, and software component. So, the process of modeling, analysis, and evaluation could be applied to other kinds of complicated embedded systems

Random safety auditing, root cause analysis, failure mode and effects analysis.

Science.gov (United States)

Ursprung, Robert; Gray, James

2010-03-01

Improving quality and safety in health care is a major concern for health care providers, the general public, and policy makers. Errors and quality issues are leading causes of morbidity and mortality across the health care industry. There is evidence that patients in the neonatal intensive care unit (NICU) are at high risk for serious medical errors. To facilitate compliance with safe practices, many institutions have established quality-assurance monitoring procedures. Three techniques that have been found useful in the health care setting are failure mode and effects analysis, root cause analysis, and random safety auditing. When used together, these techniques are effective tools for system analysis and redesign focused on providing safe delivery of care in the complex NICU system. Copyright 2010 Elsevier Inc. All rights reserved.

Safety system function trends

International Nuclear Information System (INIS)

Johnson, C.

1989-01-01

This paper describes research to develop risk-based indicators of plant safety performance. One measure of the safety-performance of operating nuclear power plants is the unavailability of important safety systems. Brookhaven National Laboratory and Science Applications International Corporation are evaluating ways to aggregate train-level or component-level data to provide such an indicator. This type of indicator would respond to changes in plant safety margins faster than the currently used indicator of safety system unavailability (i.e., safety system failures reported in licensee event reports). Trends in the proposed indicator would be one indication of trends in plant safety performance and maintenance effectiveness. This paper summarizes the basis for such an indicator, identifies technical issues to be resolved, and illustrates the potential usefullness of such indicators by means of computer simulations and case studies

Issues regarding Risk Effect Analysis of Digitalized Safety Systems and Main Risk Contributors

International Nuclear Information System (INIS)

Kang, Hyun Gook; Jang, Seung-Cheol

2008-01-01

Risk factors of safety-critical digital systems affect overall plant risk. In order to assess this risk effect, a risk model of a digitalized safety system is required. This article aims to provide an overview of the issues when developing a risk model and demonstrate their effect on plant risk quantitatively. Research activities in Korea for addressing these various issues, such as the software failure probability and the fault coverage of self monitoring mechanism are also described. The main risk contributors related to the digitalized safety system were determined in a quantitative manner. Reactor protection system and engineered safety feature component control system designed as part of the Korean Nuclear I and C System project are used as example systems. Fault-tree models were developed to assess the failure probability of a system function which is designed to generate an automated signal for actuating both of the reactor trip and the complicated accident-mitigation actions. The developed fault trees were combined with a plant risk model to evaluate the effect of a digitalized system's failure on the plant risk. (authors)

Hazard Analysis and Safety Requirements for Small Drone Operations: To What Extent Do Popular Drones Embed Safety?

Science.gov (United States)

Plioutsias, Anastasios; Karanikas, Nektarios; Chatzimihailidou, Maria Mikela

2018-03-01

Currently, published risk analyses for drones refer mainly to commercial systems, use data from civil aviation, and are based on probabilistic approaches without suggesting an inclusive list of hazards and respective requirements. Within this context, this article presents: (1) a set of safety requirements generated from the application of the systems theoretic process analysis (STPA) technique on a generic small drone system; (2) a gap analysis between the set of safety requirements and the ones met by 19 popular drone models; (3) the extent of the differences between those models, their manufacturers, and the countries of origin; and (4) the association of drone prices with the extent they meet the requirements derived by STPA. The application of STPA resulted in 70 safety requirements distributed across the authority, manufacturer, end user, or drone automation levels. A gap analysis showed high dissimilarities regarding the extent to which the 19 drones meet the same safety requirements. Statistical results suggested a positive correlation between drone prices and the extent that the 19 drones studied herein met the safety requirements generated by STPA, and significant differences were identified among the manufacturers. This work complements the existing risk assessment frameworks for small drones, and contributes to the establishment of a commonly endorsed international risk analysis framework. Such a framework will support the development of a holistic and methodologically justified standardization scheme for small drone flights. © 2017 Society for Risk Analysis.

Innovation in the Safety of nuclear systems: fundamental aspects

International Nuclear Information System (INIS)

Herranz, L. E.

2009-01-01

Safety commercial nuclear reactors has been an indispensable condition for future enlargement of power generation based on nuclear technology. Its fundamental principle, defence in depth, far from being outdated, is still adopted as a key foundation in the advanced nuclear system (generations III and IV). Nevertheless, the cumulative experience gained in the operation and maintenance of nuclear reactors, the development of methodologies like the probabilistic safety analysis, the use of passive safety systems and, even, the inherent characteristics of some new design (which exclude accident scenarios), allow estimating safety figures of merit even more outstanding that those achieved in the second generation of nuclear reactors. This safety innovation of upcoming nuclear reactors has entailed a huge investigation program (generation III) that will be focused on optimizing and demonstrating the postulated safety of future nuclear systems (Generation IV). (Author)

Safety analysis methodologies for radioactive waste repositories in shallow ground

International Nuclear Information System (INIS)

1984-01-01

The report is part of the IAEA Safety Series and is addressed to authorities and specialists responsible for or involved in planning, performing and/or reviewing safety assessments of shallow ground radioactive waste repositories. It discusses approaches that are applicable for safety analysis of a shallow ground repository. The methodologies, analysis techniques and models described are pertinent to the task of predicting the long-term performance of a shallow ground disposal system. They may be used during the processes of selection, confirmation and licensing of new sites and disposal systems or to evaluate the long-term consequences in the post-sealing phase of existing operating or inactive sites. The analysis may point out need for remedial action, or provide information to be used in deciding on the duration of surveillance. Safety analysis both general in nature and specific to a certain repository, site or design concept, are discussed, with emphasis on deterministic and probabilistic studies

Research on the Evaluation System for Rural Public Safety Planning

Institute of Scientific and Technical Information of China (English)

Ming; SUN; Jianxin; YAN

2014-01-01

The indicator evaluation system is introduced to the study of rural public safety planning in this article.By researching the current rural public safety planning and environmental carrying capacity,we select some carrying capacity indicators influencing the rural public safety,such as land,population,ecological environment,water resources,infrastructure,economy and society,to establish the environmental carrying capacity indicator system.We standardize the indicators,use gray correlation analysis method to determine the weight of indicators,and make DEA evaluation of the indicator system,to obtain the evaluation results as the basis for decision making in rural safety planning,and provide scientific and quantified technical support for rural public safety planning.

Probabilistic safety analysis for control rod drive system of ET-RR-1

International Nuclear Information System (INIS)

Nasr, M.; Nasser, O.

1988-01-01

The International Atomic Energy Agency (IAEA) co-ordinated a Research programme on Probabilistic Safety Analysis (PSA) for research reactors; with the participation of several countries. In the framework of this project (Project Int. 9/063) the Egyptian Atomic Energy Authority decided to perform a PSA study on the ET-RR-1 (Egypt Thermal Research Reactor). The study is conducted in collaboration between the nuclear regulatory and safety centre (NRSC) and the reactor department of the nuclear research centre at Inchass. The present work is a part of the PSA study on ET-RR- it is concerning a probabilistic safety analysis of the control rod drive mechanism

Annual activity report of Ignalina NPP Safety Analysis Group for 1996 year

International Nuclear Information System (INIS)

Ushpuras, E.; Augutis, J.; Bubelis, E.

1997-03-01

The main results of Ignalina NPP Safety Analysis Group (ISAG) investigations for 1996 are presented. ISAG is concentrating its research activities into four areas: the neutrons dynamics modelling, simulation of transient processes during loss of coolant accident, the reactor cooling systems modelling and the probabilistic safety assessment of accident confinement system. Ignalina Safety Analysis Report was prepared on the basis of these results. 37 refs., 9 tabs., 96 figs

IAEA Safety Standards on Management Systems and Safety Culture

International Nuclear Information System (INIS)

Persson, Kerstin Dahlgren

2007-01-01

The IAEA has developed a new set of Safety Standard for applying an integrated Management System for facilities and activities. The objective of the new Safety Standards is to define requirements and provide guidance for establishing, implementing, assessing and continually improving a Management System that integrates safety, health, environmental, security, quality and economic related elements to ensure that safety is properly taken into account in all the activities of an organization. With an integrated approach to management system it is also necessary to include the aspect of culture, where the organizational culture and safety culture is seen as crucial elements of the successful implementation of this management system and the attainment of all the goals and particularly the safety goals of the organization. The IAEA has developed a set of service aimed at assisting it's Member States in establishing. Implementing, assessing and continually improving an integrated management system. (author)

Nuclear reactor safety system

International Nuclear Information System (INIS)

Ball, R.M.; Roberts, R.C.

1983-01-01

The invention provides a safety system for a nuclear reactor which uses a parallel combination of computer type look-up tables each of which receives data on a particular parameter (from transducers located in the reactor system) and each of which produces the functional counterpart of that particular parameter. The various functional counterparts are then added together to form a control signal for shutting down the reactor. The functional counterparts are developed by analysis of experimental thermal and hydraulic data, which are used to form expressions that define safe conditions

STAMP model and its application prospect in DCS safety analysis of nuclear power plant

International Nuclear Information System (INIS)

Yang Xiaohua; Liu Jie; Liu Zhaohui; Liu Hua; Yu Tonglan

2013-01-01

The application of DCS (Digit Control System) is a certain trend for the development of nuclear power. DCS not only improves the control capability of nuclear power system, but also increases the complexity of the system. Traditional safety analysis techniques based on event-chain model are facing challenges. In order to improve the safety performance of nuclear power DCS, the latest research achievement in the field of safety engineering should be focused, studied and applied into nuclear power safety. This paper introduces a new safety analysis model named STAMP (Systems-Theoretic Accident Modeling and Processes) based on the system theory, analyzes its advantages and disadvantages compared with the traditional ones, and explains the basic steps of STPA (STAMP-Based Hazard Analysis) technology. Finally, according to the application status of STAMP at home and abroad, it prospects the development of STAMP in China's nuclear power safety. (authors)

Safety logic systems of PFBR

International Nuclear Information System (INIS)

Sambasivan, S. Ilango

2004-01-01

Full text : PFBR is provided with two independent, fast acting and diverse shutdown systems to detect any abnormalities and to initiate safety action. Each system consists of sensors, signal processing systems, logics, drive mechanisms and absorber rods. The absorber rods of the first system are Control and Safety Rods (CSR) and that of the second are called as Diverse Safety Rods (DSR). There are nine CSR and three DSR. While CSR are used for startup, control of reactor power, controlled shutdown and SCRAM, the DSR are used only for SCRAM. The respective drive mechanisms are called as CSRDM and DSRDM. Each of these two systems is capable of executing the shutdown satisfactorily with single failure criteria. Two independent safety logic systems based on diverse principles have been designed for the two shut down systems. The analog outputs of the sensors of Core Monitoring Systems comprising of reactor flux monitoring, core temperature monitoring, failed fuel detection and core flow monitoring systems are processed and converted into binary signals depending on their instantaneous values. Safety logic systems receive the binary signals from these core-monitoring systems and process them logically to protect the reactor against postulated initiating events. Neutronic and power to flow (P/Q) signals form the inputs to safety logic system-I and temperature signals are inputs to the safety logic system II. Failed fuel detection signals are processed by both the shut down systems. The two logic systems to actuate the safety rods are also based on two diverse designs and implemented with solid-state devices to meet all the requirements of safety systems. Safety logic system I that caters to neutronic and P/Q signals is designed around combinational logic and has an on-line test facility to detect struck at faults. The second logic system is based on dynamic logic and hence is inherently safe. This paper gives an overview of the two logic systems that have been

Technology development of maintenance optimization and reliability analysis for safety features in nuclear power plants

Energy Technology Data Exchange (ETDEWEB)

Kim, Tae Woon; Choi, Seong Soo; Lee, Dong Gue; Kim, Young Il

1999-12-01

The reliability data management system (RDMS) for safety systems of PHWR type plants has been developed and utilized in the reliability analysis of the special safety systems of Wolsong Unit 1,2 with plant overhaul period lengthened. The RDMS is developed for the periodic efficient reliability analysis of the safety systems of Wolsong Unit 1,2. In addition, this system provides the function of analyzing the effects on safety system unavailability if the test period of a test procedure changes as well as the function of optimizing the test periods of safety-related test procedures. The RDMS can be utilized in handling the requests of the regulatory institute actively with regard to the reliability validation of safety systems. (author)

Reliability Analysis and Calibration of Partial Safety Factors for Redundant Structures

DEFF Research Database (Denmark)

Sørensen, John Dalsgaard

1998-01-01

Redundancy is important to include in the design and analysis of structural systems. In most codes of practice redundancy is not directly taken into account. In the paper various definitions of a deterministic and reliability based redundancy measure are reviewed. It is described how reundancy can...... be included in the safety system and how partial safety factors can be calibrated. An example is presented illustrating how redundancy is taken into account in the safety system in e.g. the Danish codes. The example shows how partial safety factors can be calibrated to comply with the safety level...

Recent advances in systems safety and security

CERN Document Server

Stamatescu, Grigore

2016-01-01

This book represents a timely overview of advances in systems safety and security, based on selected, revised and extended contributions from the 2nd and 3rd editions of the International Workshop on Systems Safety and Security – IWSSS, held in 2014 and 2015, respectively, in Bucharest, Romania. It includes 14 chapters, co-authored by 34 researchers from 7 countries. The book provides an useful reference from both theoretical and applied perspectives in what concerns recent progress in this area of critical interest. Contributions, broadly grouped by core topic, address challenges related to information theoretic methods for assuring systems safety and security, cloud-based solutions, image processing approaches, distributed sensor networks and legal or risk analysis viewpoints. These are mostly accompanied by associated case studies providing additional practical value and underlying the broad relevance and impact of the field.

Periodic safety review of the HTR-10 safety analysis

International Nuclear Information System (INIS)

Chen Fubing; Zheng Yanhua; Shi Lei; Li Fu

2015-01-01

Designed by the Institute of Nuclear and New Energy Technology (INET) of Tsinghua University, the 10 MW High Temperature Gas-cooled Reactor-Test Module (HTR-10) is the first modular High Temperature Gas-cooled Reactor (HTGR) in China. According to the nuclear safety regulations of China, the periodic safety review (PSR) of the HTR-10 was initiated by INET after approved by the National Nuclear Safety Administration (NNSA) of China. Safety analysis of the HTR-10 is one of the key safety factors of the PSR. In this paper, the main contents in the review of safety analysis are summarized; meanwhile, the internal evaluation on the review results is presented by INET. (authors)

Safety analysis of nuclear power plants

International Nuclear Information System (INIS)

Selvatici, E.

1981-01-01

A study about the safety analysis of nuclear power plant, giving emphasis to how and why to do is presented. The utilization of the safety analysis aiming to perform the licensing requirements is discussed, and an example of the Angra 2 and 3 safety analysis is shown. Some presented tendency of the safety analysis are presented and examples are shown.(E.G.) [pt

Safety Analysis Of Actinide Recycled Fast Power Reactor

International Nuclear Information System (INIS)

Taufik, Mohammad

2001-01-01

Simulation for safety analysis of actinide recycled fast power reactor has been performed. The objective is to know reactor response about ULOF and ULOF and UTOP simultaneous accident. From parameter result such reactivity feedback, power, temperature, and cooled flow rate can conclusion that reactor have inherent safety system, which can back to new Equilibrium State

Some topics on safety analysis and accident nodalization of CAREM-25

International Nuclear Information System (INIS)

Gimenez, Marcelo O.; Zanocco, Pablo; Schlamp, Miguel A.; Ottaviani, Anahi; Garcia, Alicia

2000-01-01

The main goal of nuclear safety area in the CAREM Project Phase I, carried out during 1999, was to consolidate the safety systems design through an integral analysis of the reactor and the safety systems response to different accidental sequences. A primary circuit nodalization, including the steam generators, was done with RELAP5 code. The modeling of System 230 (absorber rods drive feed water system), System 1400 (purification and control volume system) and steam condensation on the absorber rods drive system and on RPV wall is implemented through boundary conditions. Also the Residual Heat Removal System and the Second Shutdown system are modeled. The reactor steady state at full power was calculated. The results agree quite well with design values. It can be said from the accident analysis that the nodalization responds properly. Further analysis should be done in order to qualify the nodalization and to compare benchmarks with other codes and experimental data. On the other hand, the steam dome model should be improved with more precise data about absorber rods drive system condensation, loss of heat and inner components layout. (author)

Simplified safety and containment systems for the iris reactor

International Nuclear Information System (INIS)

Conway, L.E.; Lombardi, C.; Ricotti, M.; Oriani, L.

2001-01-01

The IRIS (International Reactor Innovative and Secure) is a 100 - 300 MW modular type pressurized water reactor supported by the U.S. DOE NERI Program. IRIS features a long-life core to provide proliferation resistance and to reduce the volume of spent fuel, as well as reduce maintenance requirements. IRIS utilizes an integral reactor vessel that contains all major primary system components. This integral reactor vessel makes it possible to reduce containment size; making the IRIS more cost competitive. IRIS is being designed to enhance reactor safety, and therefore a key aspect of the IRIS program is the development of the safety and containment systems. These systems are being designed to maximize containment integrity, prevent core uncover following postulated accidents, minimize the probability and consequences of severe accidents, and provide a significant simplification over current safety system designs. The design of the IRIS containment and safety systems has been identified and preliminary analyses have been completed. The IRIS safety concept employs some unique features that minimize the consequences of postulated design basis events. This paper will provide a description of the containment design and safety systems, and will summarize the analysis results. (author)

Safety of mechanical devices. Safety of automation systems

International Nuclear Information System (INIS)

Pahl, G.; Schweizer, G.; Kapp, K.

1985-01-01

The paper deals with the classic procedures of safety engineering in the sectors mechanical engineering, electrical and energy engineering, construction and transport, medicine technology and process technology. Particular stress is laid on the safety of automation systems, control technology, protection of mechanical devices, reactor safety, mechanical constructions, transport systems, railway signalling devices, road traffic and protection at work in chemical plans. (DG) [de

10 CFR 70.62 - Safety program and integrated safety analysis.

Science.gov (United States)

2010-01-01

...; (iv) Potential accident sequences caused by process deviations or other events internal to the... have experience in nuclear criticality safety, radiation safety, fire safety, and chemical process... this safety program; namely, process safety information, integrated safety analysis, and management...

Operation safety of control systems. Principles and methods; Surete de fonctionnement des systemes de commande. Principes et methodes

Energy Technology Data Exchange (ETDEWEB)

Aubry, J.F. [Institut National Polytechnique, 54 - Nancy (France); Chatelet, E. [Universite de Technologie de Troyes, 10 (France)

2008-09-15

This article presents the main operation safety methods that can be implemented to design safe control systems taking into account the behaviour of the different components with each other (binary 'operation/failure' behaviours, non-consistent behaviours and 'hidden' failures, dynamical behaviours and temporal aspects etc). To take into account these different behaviours, advanced qualitative and quantitative methods have to be used which are described in this article: 1 - qualitative methods of analysis: functional analysis, preliminary risk analysis, failure mode and failure effects analyses; 2 - quantitative study of systems operation safety: binary representation models, state space-based methods, event space-based methods; 3 - application to the design of control systems: safe specifications of a control system, qualitative analysis of operation safety, quantitative analysis, example of application; 4 - conclusion. (J.S.)

Residual Heat Removal System qualitative probabilistic safety analysis before and after auto closure interlock removal

International Nuclear Information System (INIS)

Mikulicic, V.; Simic, Z.

1992-01-01

The analysis evaluates the consequences of the removal of the auto closure interlock (ACI) on the Residual Heat Removal System (RHRS) suction/isolation valves at the nuclear power plant. The deletion of the RHRS ACI is in part based on a probabilistic safety analysis (PSA) which justifies the removal based on a criterion of increased availability and reliability. Three different areas to be examined in PSA: the likelihood of an interfacing system LOCA; RHRS availability and reliability; and low temperature overpressurization control. The paper emphasizes particularly the RHRS unavailability and reliability evaluation utilizing the current control circuitry configuration and then with the proposed modification to the control circuitry. (author)

Evaluating software for safety systems in nuclear power plants

International Nuclear Information System (INIS)

Lawrence, J.D.; Persons, W.L.; Preckshot, G.G.; Gallagher, J.

1994-01-01

In 1991, LLNL was asked by the NRC to provide technical assistance in various aspects of computer technology that apply to computer-based reactor protection systems. This has involved the review of safety aspects of new reactor designs and the provision of technical advice on the use of computer technology in systems important to reactor safety. The latter includes determining and documenting state-of-the-art subjects that require regulatory involvement by the NRC because of their importance in the development and implementation of digital computer safety systems. These subjects include data communications, formal methods, testing, software hazards analysis, verification and validation, computer security, performance, software complexity and others. One topic software reliability and safety is the subject of this paper

Evaluating safety management system implementation

International Nuclear Information System (INIS)

Preuss, M.

2009-01-01

Canada is committed to not only maintaining, but also improving upon our record of having one of the safest aviation systems in the world. The development, implementation and maintenance of safety management systems is a significant step towards improving safety performance. Canada is considered a world leader in this area and we are fully engaged in implementation. By integrating risk management systems and business practices, the aviation industry stands to gain better safety performance with less regulatory intervention. These are important steps towards improving safety and enhancing the public's confidence in the safety of Canada's aviation system. (author)

IAEA Review for Gap Analysis of Safety Analysis Capability

International Nuclear Information System (INIS)

Basic, Ivica; Kim, Manwoong; Huges, Peter; Lim, B-K; D'Auria, Francesco; Louis, Vidard Michael

2014-01-01

The IAEA Asian Nuclear Safety Network (ANSN) was launched in 2002 in the framework of the Extra Budgetary Programme (EBP) on the Safety of Nuclear Installations in the South East Asia, Pacific and Far East Countries. The main objective is to strengthen and expand human and advanced Information Technology (IT) network to pool, analyse and share nuclear safety knowledge and practical experience for peaceful uses in this region. Under the ANSN framework, a technical group on Safety Analysis (SATG) was established in 2004 aimed to providing a forum for the exchange of experience in the following areas of safety analysis: · To provide a forum for an exchange of experience in the area of safety analysis, · To maintain and improve the knowledge on safety analysis method, · To enhance the utilization of computer codes, · To pool and analyse the issues related with safety analysis of research reactor, and · To facilitate mutual interested on safety analysis among member countries. A sustainable and successful nuclear energy programme requires a strong technical infrastructure, including a workforce made up of highly specialized and well-educated professionals. A significant portion of this technical capacity must be dedicated to safety- especially to safety analysis- as only then can it serve as the basis for making the right decisions during the planning, licensing, construction and operation of new nuclear facilities. In this regard, the IAEA has provided ANSN member countries with comprehensive training opportunities for capacity building in safety analysis. Nevertheless, the SATG recognizes that it is difficult to achieve harmonization in this area among all member countries because of their different competency levels. Therefore, it is necessary to quickly identify the most obvious gaps in safety analysis capability and then to use existing resources to begin to fill those gaps. The goal of this Expert Mission (EM) for gap finding service is to facilitate

Development of evaluation method for software safety analysis techniques

International Nuclear Information System (INIS)

Huang, H.; Tu, W.; Shih, C.; Chen, C.; Yang, W.; Yih, S.; Kuo, C.; Chen, M.

2006-01-01

Full text: Full text: Following the massive adoption of digital Instrumentation and Control (I and C) system for nuclear power plant (NPP), various Software Safety Analysis (SSA) techniques are used to evaluate the NPP safety for adopting appropriate digital I and C system, and then to reduce risk to acceptable level. However, each technique has its specific advantage and disadvantage. If the two or more techniques can be complementarily incorporated, the SSA combination would be more acceptable. As a result, if proper evaluation criteria are available, the analyst can then choose appropriate technique combination to perform analysis on the basis of resources. This research evaluated the applicable software safety analysis techniques nowadays, such as, Preliminary Hazard Analysis (PHA), Failure Modes and Effects Analysis (FMEA), Fault Tree Analysis (FTA), Markov chain modeling, Dynamic Flowgraph Methodology (DFM), and simulation-based model analysis; and then determined indexes in view of their characteristics, which include dynamic capability, completeness, achievability, detail, signal/ noise ratio, complexity, and implementation cost. These indexes may help the decision makers and the software safety analysts to choose the best SSA combination arrange their own software safety plan. By this proposed method, the analysts can evaluate various SSA combinations for specific purpose. According to the case study results, the traditional PHA + FMEA + FTA (with failure rate) + Markov chain modeling (without transfer rate) combination is not competitive due to the dilemma for obtaining acceptable software failure rates. However, the systematic architecture of FTA and Markov chain modeling is still valuable for realizing the software fault structure. The system centric techniques, such as DFM and Simulation-based model analysis, show the advantage on dynamic capability, achievability, detail, signal/noise ratio. However, their disadvantage are the completeness complexity

Final safety analysis report for the atmospheric protection system

International Nuclear Information System (INIS)

1976-06-01

An Atmospheric Protection System (APS) has been constructed at the Idaho Chemical Processing Plant to minimize the release of radioactive particulate material to the atmosphere from nonroutine occurrences. Existing off-gas cleanup systems remove radioactive particulates to well below allowable limits for controlled areas before release to the plant stack. Previously all ventilation air from process cells was discharged to the stack without treatment. The APS provides continuous filtration of all ventilation air from process cells and backup filtration of all process off gases before they are released to the atmosphere. A safety analysis of the potential hazards associated with the APS has been completed. The review indicates that the system is capable of withstanding design basis natural phenomena including a flood, tornado, and earthquake without releasing unacceptable amounts of radioactive particulate from the filters to the environment. An in-cell explosion, fire, mechanical damage, and other postulated accident situations were investigated. From these, the design basis accident postulated for the facility is complete release of the maximum amount of radioactive particulate collected on the 104 ventilation air HEPA filters to the atmosphere via the 250-foot high stack. Even though the release of all the radioactive particulate contained on the filters is hardly credible, it would not present an unacceptable hazard to personnel on or offsite

Rad waste disposal safety analysis / Integrated safety assessment of a waste repository

International Nuclear Information System (INIS)

Jeong, Jongtae; Choi, Jongwon; Kang, Chulhyung

2012-04-01

We developed CYPRUS+and adopted PID and RES method for the development of scenario. Safety performance assessment program was developed using GoldSim for the safety assessment of disposal system for the disposal of spnet fuels and wastes resulting from the pyrpoprocessing. Biosphere model was developed and verified in cooperation with JAEA. The capability to evaluate post-closure performance and safety was added to the previously developed program. And, nuclide migration and release to the biosphere considering site characteristics was evaluated by using deterministic and probabilistic approach. Operational safety assessment for drop, fire, and earthquake was also statistically evaluated considering well-established input parameter distribution. Conservative assessment showed that dose rate is below the limit value of low- and intermediate-level repository. Gas generation mechanism within engineered barrier was defined and its influence on safety was evaluated. We made probabilistic safety assessment by obtaining the probability distribution functions of important input variables and also made a sensitivity analysis. The maximum annual dose rate was shown to be below the safety limit value of 10 mSv/yr. The structure and element of safety case was developed to increase reliability of safety assessment methodology for a deep geological repository. Finally, milestone for safety case development and implementation strategy for each safety case element was also proposed

Safety Information System Guide

International Nuclear Information System (INIS)

Bullock, M.G.

1977-03-01

This Guide provides guidelines for the design and evaluation of a working safety information system. For the relatively few safety professionals who have already adopted computer-based programs, this Guide may aid them in the evaluation of their present system. To those who intend to develop an information system, it will, hopefully, inspire new thinking and encourage steps towards systems safety management. For the line manager who is working where the action is, this Guide may provide insight on the importance of accident facts as a tool for moving ideas up the communication ladder where they will be heard and acted upon; where what he has to say will influence beneficial changes among those who plan and control his operations. In the design of a safety information system, it is suggested that the safety manager make friends with a computer expert or someone on the management team who has some feeling for, and understanding of, the art of information storage and retrieval as a new and better means for communication

L-Band Digital Aeronautical Communications System Engineering - Initial Safety and Security Risk Assessment and Mitigation

Science.gov (United States)

Zelkin, Natalie; Henriksen, Stephen

2011-01-01

This document is being provided as part of ITT's NASA Glenn Research Center Aerospace Communication Systems Technical Support (ACSTS) contract NNC05CA85C, Task 7: "New ATM Requirements--Future Communications, C-Band and L-Band Communications Standard Development." ITT has completed a safety hazard analysis providing a preliminary safety assessment for the proposed L-band (960 to 1164 MHz) terrestrial en route communications system. The assessment was performed following the guidelines outlined in the Federal Aviation Administration Safety Risk Management Guidance for System Acquisitions document. The safety analysis did not identify any hazards with an unacceptable risk, though a number of hazards with a medium risk were documented. This effort represents a preliminary safety hazard analysis and notes the triggers for risk reassessment. A detailed safety hazards analysis is recommended as a follow-on activity to assess particular components of the L-band communication system after the technology is chosen and system rollout timing is determined. The security risk analysis resulted in identifying main security threats to the proposed system as well as noting additional threats recommended for a future security analysis conducted at a later stage in the system development process. The document discusses various security controls, including those suggested in the COCR Version 2.0.

Penerapan Safety Management System Pada Lembaga Penyelenggara Pelayanan Navigasi Penerbangan Indonesia

OpenAIRE

Fiyanzar, Adin Eka; Nusraningrum, Dewi; Arofat, Osman

2016-01-01

This study aimed to analyze the effect of the implementation of Safety Management System (SMS) and the use of information system on the Flight Safety in the Indonesian Air Navigation Services Organization both partially and simultaneously. The research uses quantitative methods, and the data are analyzed using linear regression, simple correlation both partially and simultaneously and path analysis. The result shows; implementation of Safety Management System (X1) as measured by the Flight Sa...

Systems analysis of radiation safety during dismantling of power-plant equipment at a nuclear power station

International Nuclear Information System (INIS)

Bylkin, B.K.; Shpitser, V.Ya.

1993-01-01

A systems analysis of the radiation safety makes possible an ad hoc determination of the elements forming the system, as well as the establishment of the characteristics of their interaction with radiation-effect factors. Here the authors will present part of the hierarchical analysis procedure, consisting in general of four separate procedures. The purpose is to investigate and analyze the mean and stable (on the average) indices of radiation safety, within the framework of alternative mathematical models of dismantling the power-plant equipment of a nuclear power station. The following three of the four procedures are discussed: (1) simulated projection, of the processing of radioactive waste; (2) analysis of the redistribution of radionuclides during the industrial cycle of waste treatment; (3) planning the collective dose load during the dismantling operation. Within the framework of the first of these procedures, the solutions to the problem of simulating a waste-treatment operation of maximum efficiency are analyzed. This analysis is based on the use of a data base for the parameters of the installations, assemblies, and equipment, enabling the integration of these in a simulation of a complex automated facility. The results were visualized in an AUTOCAD-10 medium using a graphical data base containing an explanation of the rooms

Analysis of Aviation Safety Reporting System Incident Data Associated with the Technical Challenges of the Atmospheric Environment Safety Technology Project

Science.gov (United States)

Withrow, Colleen A.; Reveley, Mary S.

2014-01-01

This study analyzed aircraft incidents in the NASA Aviation Safety Reporting System (ASRS) that apply to two of the three technical challenges (TCs) in NASA's Aviation Safety Program's Atmospheric Environment Safety Technology Project. The aircraft incidents are related to airframe icing and atmospheric hazards TCs. The study reviewed incidents that listed their primary problem as weather or environment-nonweather between 1994 and 2011 for aircraft defined by Federal Aviation Regulations (FAR) Parts 121, 135, and 91. The study investigated the phases of flight, a variety of anomalies, flight conditions, and incidents by FAR part, along with other categories. The first part of the analysis focused on airframe-icing-related incidents and found 275 incidents out of 3526 weather-related incidents over the 18-yr period. The second portion of the study focused on atmospheric hazards and found 4647 incidents over the same time period. Atmospheric hazards-related incidents included a range of conditions from clear air turbulence and wake vortex, to controlled flight toward terrain, ground encounters, and incursions.

Assessing nuclear power plant safety and recovery from earthquakes using a system-of-systems approach

International Nuclear Information System (INIS)

Ferrario, E.; Zio, E.

2014-01-01

We adopt a ‘system-of-systems’ framework of analysis, previously presented by the authors, to include the interdependent infrastructures which support a critical plant in the study of its safety with respect to the occurrence of an earthquake. We extend the framework to consider the recovery of the system of systems in which the plant is embedded. As a test system, we consider the impacts produced on a nuclear power plant (the critical plant) embedded in the connected power and water distribution, and transportation networks which support its operation. The Seismic Probabilistic Risk Assessment of such system of systems is carried out by Hierarchical modeling and Monte Carlo simulation. First, we perform a top-down analysis through a hierarchical model to identify the elements that at each level have most influence in restoring safety, adopting the criticality importance measure as a quantitative indicator. Then, we evaluate by Monte Carlo simulation the probability that the nuclear power plant enters in an unsafe state and the time needed to recover its safety. The results obtained allow the identification of those elements most critical for the safety and recovery of the nuclear power plant; this is relevant for determining improvements of their structural/functional responses and supporting the decision-making process on safety critical-issues. On the test system considered, under the given assumptions, the components of the external and internal water systems (i.e., pumps and pool) turn out to be the most critical for the safety and recovery of the plant. - Highlights: • We adopt a system-of-system framework to analyze the safety of a critical plant exposed to risk from external events, considering also the interdependent infrastructures that support the plant. • We develop a hierarchical modeling framework to represent the system of systems, accounting also for its recovery. • Monte Carlo simulation is used for the quantitative evaluation of the

FULCRUM - A dam safety management and alert system

Energy Technology Data Exchange (ETDEWEB)

Butt, Cameron; Greenaway, Graham [Knight Piesold Ltd., Vancouver, (Canada)

2010-07-01

Efficient management of instrumentation, monitoring and inspection data are the keys to safe performance and dam structure stability. This paper presented a data management system, FULCRUM, developed for dam safety management. FULCRUM is a secure web-based data management system which simplifies the process of data collection, processing and analysis of the information. The system was designed to organize and coordinate dam safety management requirements. Geotechnical instrumentation such as piezometers or inclinometers and operating data can be added to the database. Data from routine surveillance and engineering inspection can also be incorporated into the database. The system provides users with immediate access to historical and recent data. The integration of a GIS system allows for rapid assessment of the project site. Customisable alerting protocols can be set to identify and respond quickly to significant changes in operating conditions and potential impacts on dam safety.

Maintenance of radiation safety information system

Energy Technology Data Exchange (ETDEWEB)

Choi, Ho Sun [Korea Institute of Nuclear Safety, Taejon (Korea, Republic of); Park, Moon Il; Chung, Chong Kyu; Lim, Bock Soo; Kim, Hyung Uk; Chang, Kwang Il; Nam, Kwan Hyun; Cho, Hye Ryan [AD center incubation LAB, Taejon (Korea, Republic of)

2001-12-15

The objectives of radiation safety information system maintenance are to maintain the requirement of users, change of job process and upgrade of the system performance stably and effectively while system maintenance. We conduct the code of conduct recommended by IAEA, management of radioisotope inventory database systematically using analysis for the state of inventory database integrated in this system. This system and database will be support the regulatory guidance, rule making and information to the MOST, KINS, other regulatory related organization and general public optimizationally.

Galileo and Ulysses missions safety analysis and launch readiness status

International Nuclear Information System (INIS)

Cork, M.J.; Turi, J.A.

1989-01-01

The Galileo spacecraft will explore the Jupiter system and Ulysses will fly by Jupiter en route to a polar orbit of the sun. Both spacecraft are powered by general purpose heat source radioisotope thermoelectric generators (RTGs). As a result of the Challenger accident and subsequent mission reprogramming, the Galileo and Ulysses missions' safety analysis had to be repeated. In addition to presenting an overview of the safety analysis status for the missions, this paper presents a brief review of the missions' objectives and design approaches, RTG design characteristics and development history, and a description of the safety analysis process. (author)

Preliminary safety analysis for key design features of KALIMER

Energy Technology Data Exchange (ETDEWEB)

Hahn, D. H.; Kwon, Y. M.; Chang, W. P.; Suk, S. D.; Lee, S. O.; Lee, Y. B.; Jeong, K. S

2000-07-01

KAERI is currently developing the conceptual design of a liquid metal reactor, KALIMER(Korea Advanced Liquid Metal Reactor) under the long-term nuclear R and D program. In this report, descriptions of the KALIMER safety design features and safety analyses results for selected ATWS accidents are presented. First, the basic approach to achieve the safety goal is introduced in chapter 1, and the safety evaluation procedure for the KALIMER design is described in chapter 2. It includes event selection, event categorization, description of design basis events, and beyond design basis events. In chapter 3, results of inherent safety evaluations for the KALIMER conceptual design are presented. The KALIMER core and plant system are designed to assure design performance during a selected set of events without either reactor control or protection system intervention. Safety analyses for the postulated anticipated transient without scram(ATWS) have been performed to investigate the KALIMER system response to the events. They are categorized as bounding events(BEs) because of their low probability of occurrence. In chapter 4, the design of the KALIMER containment dome and the results of its performance analysis are presented. The designs of the existing LMR containment and the KALIMER containment dome have been compared in this chapter. Procedure of the containment performance analysis and the analysis results are described along with the accident scenario and source terms. Finally, a simple methodology is introduced to investigate the core kinetics and hydraulic behavior during HCDA in chapter 5. Mathematical formulations have been developed in the framework of the modified bethe-tait method, and scoping analyses have been performed for the KALIMER core behavior during super-prompt critical excursions.

Qualitative and quantitative reliability analysis of safety systems

International Nuclear Information System (INIS)

Karimi, R.; Rasmussen, N.; Wolf, L.

1980-05-01

A code has been developed for the comprehensive analysis of a fault tree. The code designated UNRAC (UNReliability Analysis Code) calculates the following characteristics of an input fault tree: (1) minimal cut sets; (2) top event unavailability as point estimate and/or in time dependent form; (3) quantitative importance of each component involved; and, (4) error bound on the top event unavailability. UNRAC can analyze fault trees, with any kind of gates (EOR, NAND, NOR, AND, OR), up to a maximum of 250 components and/or gates. The code is benchmarked against WAMCUT, MODCUT, KITT, BIT-FRANTIC, and PL-MODT. The results showed that UNRAC produces results more consistent with the KITT results than either BIT-FRANTIC or PL-MODT. Overall it is demonstrated that UNRAC is an efficient easy-to-use code and has the advantage of being able to do a complete fault tree analysis with this single code. Applications of fault tree analysis to safety studies of nuclear reactors are considered

Management system of health and safety work (SMK3) with job safety analysis (JSA) in PT. Nira Murni construction

Science.gov (United States)

Melliana, Armen, Yusrizal, Akmal, Syarifah

2017-11-01

PT Nira Murni construction is a contractor of PT Chevron Pacific Indonesia which engaged in contractor, fabrication, maintenance construction suppliers, and labor services. The high of accident rate in this company is caused the lack of awareness of workplace safety. Therefore, it requires an effort to reduce the accident rate on the company so that the financial losses can be minimized. In this study, Safe T-Score method is used to analyze the accident rate by measuring the level of frequency. Analysis is continued using risk management methods which identify hazards, risk measurement and risk management. The last analysis uses Job safety analysis (JSA) which will identify the effect of accidents. From the result of this study can be concluded that Job Safety Analysis (JSA) methods has not been implemented properly. Therefore, JSA method needs to follow-up in the next study, so that can be well applied as prevention of occupational accidents.

Safety culture and accident analysis-A socio-management approach based on organizational safety social capital

International Nuclear Information System (INIS)

Rao, Suman

2007-01-01

One of the biggest challenges for organizations in today's competitive business environment is to create and preserve a self-sustaining safety culture. Typically, Key drivers of safety culture in many organizations are regulation, audits, safety training, various types of employee exhortations to comply with safety norms, etc. However, less evident factors like networking relationships and social trust amongst employees, as also extended networking relationships and social trust of organizations with external stakeholders like government, suppliers, regulators, etc., which constitute the safety social capital in the Organization-seem to also influence the sustenance of organizational safety culture. Can erosion in safety social capital cause deterioration in safety culture and contribute to accidents? If so, how does it contribute? As existing accident analysis models do not provide answers to these questions, CAMSoC (Curtailing Accidents by Managing Social Capital), an accident analysis model, is proposed. As an illustration, five accidents: Bhopal (India), Hyatt Regency (USA), Tenerife (Canary Islands), Westray (Canada) and Exxon Valdez (USA) have been analyzed using CAMSoC. This limited cross-industry analysis provides two key socio-management insights: the biggest source of motivation that causes deviant behavior leading to accidents is 'Faulty Value Systems'. The second biggest source is 'Enforceable Trust'. From a management control perspective, deterioration in safety culture and resultant accidents is more due to the 'action controls' rather than explicit 'cultural controls'. Future research directions to enhance the model's utility through layering are addressed briefly

Use of F.M.E.A. for reliability analysis of safety systems in nuclear power plants

International Nuclear Information System (INIS)

Barbet, J.F.; Llory, M.; Villemeur, A.

1982-01-01

In the framework of the French nuclear power plant program, reliability studies of safety systems have been carried out at the Electricite de France since 1975. The main results of the studies are examined; about the methodological aspects it appears useful to develop an inductive approach such as the Failure Modes and Effects Analysis (F.M.E.A.). The method is described with its advantages and limitations; the possibilities of use of F.M.E.A. to solve specific safety problems are investigated. To conclude, the future trends of research and development in this field at Electricite de France are pointed out [fr

Improvement of the regulatory system by implementation new safety demands

International Nuclear Information System (INIS)

Iglesias, R.; Alfonso, C.

1996-01-01

The work describes in broad terms, the analysis that is being performed aiming at the adoption of a regulatory system that could meet the current safety demands, but which, at the same time, could be a general system that might allow different safety assessments to be done by making use of more specific technical standards of the technology supplier

Verification and validation issues for digitally-based NPP safety systems

International Nuclear Information System (INIS)

Ets, A.R.

1993-01-01

The trend toward standardization, integration and reduced costs has led to increasing use of digital systems in reactor protection systems. While digital systems provide maintenance and performance advantages, their use also introduces new safety issues, in particular with regard to software. Current practice relies on verification and validation (V and V) to ensure the quality of safety software. However, effective V and V must be done in conjunction with a structured software development process and must consider the context of the safety system application. This paper present some of the issues and concerns that impact on the V and V process. These include documentation of systems requirements, common mode failures, hazards analysis and independence. These issues and concerns arose during evaluations of NPP safety systems for advanced reactor designs and digital I and C retrofits for existing nuclear plants in the United States. The pragmatic lessons from actual systems reviews can provide a basis for further refinement and development of guidelines for applying V and V to NPP safety systems. (author). 14 refs

Safety analysis for the use of new digital safety I and C systems; Sicherheitsanalytik fuer den Einsatz neuer digitaler Sicherheits-Leittechniksysteme

Energy Technology Data Exchange (ETDEWEB)

Buehler, Cornelia [TUEV SUED Industrie Service GmbH, Muenchen (Germany). Energie und Technologie

2012-05-15

Age-induced replacement or modernization of safety I and C systems by digital equipment technology has been one of the topical subjects in nuclear technology for more than a decade. Digital equipment technology in this case means microcontroller- or microprocessor-based systems which implement I and C functions in software (SW) and, on the other hand, systems with programmed hardware (HW) components, such as Application-specific Integrated Circuits (ASIC), Field Programmable Gate Arrays (FPGA) or Programmable Logic Devices (PLS), which can be developed only by means of sophisticated SW development environments. The switch to digital equipment technology is more than a mere change in equipment technology even though the I and C functions remain almost identical in most cases. The switch not only leads to a different approach in equipment qualification, but also requires new focal points in plant design when it comes to assessing plant design, and needs new or adapted methods of analysis and evaluation. The main reason lies in the greater possibilities of systematic errors caused mainly by software-based development, manufacture and maintenance. New and adapted methods of analysis and evaluation for I and C systems are presented and explained. It is safe to say that safety I and C technology in the highest category of requirements necessitates a very far reaching realignment in design and evaluation as well as the use of new analytical techniques. This meets the claim of an I and C technology fit for use, reliable and comparable to the technology it replaces. (orig.)

On the safety of aircraft systems: A case study

Energy Technology Data Exchange (ETDEWEB)

Martinez-Guridi, G.; Hall, R.E.; Fullwood, R.R.

1997-05-14

An airplane is a highly engineered system incorporating control- and feedback-loops which often, and realistically, are non-linear because the equations describing such feedback contain products of state variables, trigonometric or square-root functions, or other types of non-linear terms. The feedback provided by the pilot (crew) of the airplane also is typically non-linear because it has the same mathematical characteristics. An airplane is designed with systems to prevent and mitigate undesired events. If an undesired triggering event occurs, an accident may process in different ways depending on the effectiveness of such systems. In addition, the progression of some accidents requires that the operating crew take corrective action(s), which may modify the configuration of some systems. The safety assessment of an aircraft system typically is carried out using ARP (Aerospace Recommended Practice) 4761 (SAE, 1995) methods, such as Fault Tree Analysis (FTA) and Failure Mode and Effects Analysis (FMEA). Such methods may be called static because they model an aircraft system on its nominal configuration during a mission time, but they do not incorporate the action(s) taken by the operating crew, nor the dynamic behavior (non-linearities) of the system (airplane) as a function of time. Probabilistic Safety Assessment (PSA), also known as Probabilistic Risk Assessment (PRA), has been applied to highly engineered systems, such as aircraft and nuclear power plants. PSA encompasses a wide variety of methods, including event tree analysis (ETA), FTA, and common-cause analysis, among others. PSA should not be confused with ARP 4761`s proposed PSSA (Preliminary System Safety Assessment); as its name implies, PSSA is a preliminary assessment at the system level consisting of FTA and FMEA.

Safety evaluation of BWR off-gas treatment systems

International Nuclear Information System (INIS)

Schultz, R.J.; Schmitt, R.C.

1975-01-01

Some of the results of a safety evaluation performed on current generic types of BWR off-gas treatment systems including cooled and ambient temperature adsorber beds and cryogenics are presented. The evaluation covered the four generic types of off-gas systems and the systems of five major vendors. This study was part of original work performed under AEC contract for the Directorate of Regulatory Standards. The analysis techniques employed for the safety evaluation of these systems include: Fault Tree Analysis; FMECA (Failure Mode Effects and Criticality Analysis); general system comparisons, contaminant, system control, and design adequacy evaluations; and resultant Off-Site Dose Calculations. The salient areas presented are some of the potential problem areas, the approach that industry has taken to mitigate or design against potential upset conditions, and areas where possible deficiencies still exist. Potential problem areas discussed include hydrogen detonation, hydrogen release to equipment areas, operator/automatic control interface, and needed engineering evaluation to insure safe system operation. Of the systems reviewed, most were in the category of advanced or improved over that commonly in use today, and a conclusion from the study was that these systems offer excellent potential for noble gas control for BWR power plants where more stringent controls may be specified -- now or in the future. (U.S.)

Comparative analysis of operation and safety of subcritical nuclear systems and innovative critical reactors; Analyse comparative du fonctionnement et de la surete de systemes sous-critiques et de reacteurs critiques innovants