Basic Level 1. PSA course for analysts

Dependent failure analysis

IAEA Training in level 1 PSA and PSA applications

Slide 2.

Content

Types of dependencies in the PSA

- Physical dependencies
- Functional dependencies
- Location/environmental dependencies
- Data based dependencies
- Plant configuration related dependencies

Common Cause Failures

Human dependencies

Slide 3.

PHYSICAL DEPENDENCIES

EXAMPLES

- COMMON SUCTION VALVE FOR TWO PUMPS
- AC POWER SUPPLY
- DC POWER SUPPLY
- INTERLOCKS FOR PUMPS, VALVES, CIRCUIT BREAKERS
- AUTOMATIC START / ALIGNMENT SIGNALS
- RESTART SIGNALS
- COOLING WATER

TREATMENT

- DEPENDENCY MATRICES
- EVENT TREE / FAULT TREE LOGIC STRUCTURE
- EVENT TREE / FAULT TREE LINKING

Slide 4.

FUNCTIONAL DEPENDENCIES

EXAMPLES

- INJECTION CRITERIA FOR LOCAs
- INJECTION REQUIRED FOR RECIRCULATION
- MAKEUP AND STEAM RELIEF REQUIRED FOR SECONDARY HEAT REMOVAL
- OPERATOR ACTIONS TO START / ALIGN EQUIPMENT
- TIMING OF FAILURES AND RECOVERY ACTIONS
- COORDINATED OUTAGES AND PLANNED MAINTENANCE
- COOLING WATER
- HVAC AND ROOM COOLING

TREATMENT

- EVENT SEQUENCE DIAGRAMS
- SUCCESS CRITERIA FOR SYSTEMS AND OPERATOR ACTIONS
- TIME INTEGRALS FOR FAILURES AND RECOVERY ACTIONS
- PLANNED MAINTENANCE MODELS
- EVENT TREE / FAULT TREE LOGIC STRUCTURE
- EVENT TREE / FAULT TREE LINKING

Slide 5.

LOCATION / ENVIRONMENTAL DEPENDENCIES

EXAMPLES

- STRUCTURAL FAILURES / SEISMIC EVENTS
- FIRES
- FLOODING
- TURBINE MISSILES
- WATER SPRAY
- HVAC AND ROOM COOLING
- INTAKE PLUGGING

TREATMENT

- SPATIAL INTERACTIONS ANALYSES
- EXTERNAL EVENTS ANALYSES
- EVENT TREE / FAULT TREE LOGIC STRUCTURE
- EVENT TREE / FAULT TREE LINKING

Slide 6.

DATA-BASED DEPENDENCIES

EXAMPLES

- MULTIPLE COMPONENT MAINTENANCE
- COORDINATED OUTAGES AND PLANNED MAINTENANCE
- OBSERVED COMBINED FAILURE RATE FOR MULTIPLE SIMILAR COMPONENTS IS HIGHER THAN THE INDEPENDENT PRODUCT OF THE SINGLE COMPONENT FAILURE RATES

TREATMENT

- COMMON MAINTENANCE BASIC EVENTS
- PLANNED MAINTENANCE MODELS
- COMMON CAUSE FAILURE BASIC EVENTS
- COMMON CAUSE FAILURE PARAMETERS
- EVENT TREE / FAULT TREE LOGIC STRUCTURE
- EVENT TREE / FAULT TREE LINKING

Slide 7.

HUMAN DEPENDENCIES

EXAMPLES

- TIME WINDOW FOR OPERATOR RESPONSE
- SIMILAR FUNCTIONS
- MULTIPLE OPTIONS / PRIORITIES
- PROCEDURES / TRAINING
- PERSONNEL / STAFFING
- LOCATION
- PRECEDING SYSTEM SUCCESSES / FAILURES
- PRECEDING OPERATOR SUCCESSES / FAILURES

TREATMENT

- ORGANIZE MODELS TO DISPLAY OPERATOR ACTIONS
- THERMAL / HYDRAULIC ANALYSES FOR TIME WINDOWS
- COGNITIVE RESPONSE / IMPLEMENTATION TASKS
- EVENT TREE / FAULT TREE LOGIC STRUCTURE
- EVENT TREE / FAULT TREE LINKING

Slide 8.

PLANT CONFIGURATIONS

PLANT OPERATING ALIGNMENTS

VERY IMPORTANT FOR SHUTDOWN PSA

OPERATIONAL CONSIDERATIONS

- PRESSURE, TEMPERATURE, COOLING MODE
- RCS AND CONTAINMENT STATUS
- SYSTEM ALIGNMENTS / SIGNALS / ISOLATION

TESTING / MAINTENANCE CONSIDERATIONS

- PLANNED MAINTENANCE
- TESTING PROGRAMS

PLANNED MAINTENANCE ALIGNMENTS MAY ALSO APPLY FOR FULL-POWER PSA

Slide 9.

COMMON CAUSE FAILURES

COMMON CAUSE FAILURE GROUPS

SIMILAR COMPONENTS

SAME FAILURE MODES

SIMILAR OPERATING DUTY CYCLES

SIMILAR TESTING, INSPECTION, MAINTENANCE

MAY APPLY ACROSS DIFFERENT SYSTEMS

Slide 10.

COMMON CAUSE FAILURES

LEVEL OF DETAIL

BETA-FACTOR MODEL

- SIMPLE
- NUMERICALLY CONSERVATIVE
- REASONABLE DATA FOR MANY COMPONENTS AND FAILURE MODES

MULTIPLE GREEK LETTER (MGL) MODEL

- MORE COMPLEX FAULT TREES / CUTSETS
- LOGICALLY MORE CORRECT
- NUMERICALLY MORE REALISTIC
- VERY SPARSE DATA FOR MORE THAN 3 FAILURES

Slide 11.

COMMON CAUSE FAILURES

LEVEL OF DETAIL (cont.)

OTHER PARAMETRIC MODELS LIMITED BY SAME DATA

“LETHAL SHOCKS”

- AFFECT ALL COMPONENTS IN A GROUP
- VERY LIKELY TO BE CAUSE FOR MORE THAN 3 OR 4 CORRELATED FAILURES

MODELS FOR LARGE NUMBERS OF COMPONENTS

- LARGE NUMBER OF COMBINATIONS IN POPULATION
- BEWARE OF FUNCTIONAL IMPACTS FROM SPECIFIC COMBINATIONS

Slide 12.

COMMON CAUSE FAILURES

EXAMPLE - 10 RELAYS

RELAY FAILURE IMPACTS

- TRAIN A: RELAYS RA1 * RA2
- TRAIN B: RELAYS RB1 * RB2
- TRAINS A * B: RELAYS RA1 * RB1 * RXX

COMBINATIONS IN POPULATION

- 2 RELAYS: (10!) / (8!*2!) = 45
- 3 RELAYS: (10!) / (7!*3!) = 120
- 4 RELAYS: (10!) / (6!*4!) = 210

Slide 13.

COMMON CAUSE FAILURES

EXAMPLE - 10 RELAYS (cont.)

TRAIN A: 1 / 45 OF DOUBLE FAILURES + 8 / 120 OF TRIPLE FAILURES

TRAIN B: 1 / 45 OF DOUBLE FAILURES + 8 / 120 OF TRIPLE FAILURES

TRAINS A * B: 1 / 120 OF TRIPLE FAILURES

COMPLETE MGL EXPANSION

- MORE REALISTIC MODELS AND RESULTS
- MAY BE WORTHWHILE EVEN IF FAILURE OF 4 OR MORE RELAYS CAUSES SEVERE CONSEQUENCES
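
Added example, not part of the original slides: a short enumeration that reproduces the 10-relay fractions on slides 12 and 13 by counting which relay combinations contain each failure impact, and extends the count to 4-relay combinations. The relay names R06 to R10, the equal-likelihood weighting and the sample probabilities are assumptions made for the illustration.

```python
from fractions import Fraction
from itertools import combinations

# RA1, RA2, RB1, RB2 and RXX are named on the slides; R06..R10 are constructed
# placeholders for the remaining relays in the population of 10.
RELAYS = ["RA1", "RA2", "RB1", "RB2", "RXX", "R06", "R07", "R08", "R09", "R10"]

# Relay combinations that fail each function (slide 12).
IMPACTS = {
    "TRAIN A": frozenset({"RA1", "RA2"}),
    "TRAIN B": frozenset({"RB1", "RB2"}),
    "TRAINS A * B": frozenset({"RA1", "RB1", "RXX"}),
}


def impact_fraction(required, k, population=RELAYS):
    """Return (hits, total): how many of the k-relay failure combinations
    in the population contain every relay in `required`."""
    groups = list(combinations(population, k))
    hits = sum(1 for group in groups if required <= set(group))
    return hits, len(groups)


def impact_table(max_k=4):
    """Map each function to {k: (hits, total)} for k = 2..max_k."""
    return {
        name: {k: impact_fraction(req, k) for k in range(2, max_k + 1)}
        for name, req in IMPACTS.items()
    }


def ccf_contribution(required, group_probability):
    """Weight each k-fold common cause probability by the share of k-relay
    combinations that fail the function. Assumes every combination of a
    given size is equally likely."""
    total = Fraction(0)
    for k, probability in group_probability.items():
        hits, count = impact_fraction(required, k)
        total += Fraction(hits, count) * probability
    return total


if __name__ == "__main__":
    for name, row in impact_table().items():
        cells = ", ".join(f"{k} relays: {h} / {n}" for k, (h, n) in row.items())
        print(f"{name}: {cells}")
    # Constructed probabilities of a double and a triple common cause event
    # somewhere in the group, for illustration only.
    sample = {2: Fraction(1, 1000), 3: Fraction(1, 10000)}
    print("TRAIN A:", ccf_contribution(IMPACTS["TRAIN A"], sample))
```
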

Slide 14.

COMMON CAUSE FAILURES

COMMON CAUSE DATA SCREENING

TABULATED PARAMETER VALUES

- BROAD APPLICABILITY
- AUTHORS’ JUDGMENT
- MAY NOT BE CONSERVATIVE FOR ALL APPLICATIONS

ACTUAL EVENT SUMMARIES MOST USEFUL

EVENT REVIEW / SCREENING

- DO NOT USE “BETTER” TRAINING, PROCEDURES, PEOPLE, ETC. AS BASIS FOR REMOVING EVENTS
- POSSIBLE MORE SEVERE PLANT-SPECIFIC IMPACTS THAN AT OCCURRENCE PLANT

Slide 15.

HUMAN DEPENDENCIES

ELEMENTS OF A HUMAN ACTION

IDENTIFICATION / DIAGNOSIS / DECISION: COGNITIVE

RESPONSE: IMPLEMENTATION

Slide 16.

HUMAN DEPENDENCIES

HUMAN BEINGS ARE NOT HARDWARE

HUMAN RELIABILITY CANNOT BE EVALUATED OUT OF CONTEXT

HUMAN PERFORMANCE DEPENDS ON THE ENTIRE HISTORY OF ACCUMULATED KNOWLEDGE, EXPERIENCE, TRAINING, GUIDANCE, AND INFORMATION UNTIL THE TIME OF RESPONSE

HUMANS INTERPRET THE INFORMATION THAT THEY RECEIVE, EVALUATE ITS RELEVANCE AND MEANING, FORM A CONCLUSION, AND RESPOND

INFORMATION, INTERPRETATION, AND DECISION DEPEND ON CONTEXT

Slide 17.

HUMAN DEPENDENCIES

SCENARIO-BASED PERSPECTIVE

PSA MODELS CONTAIN VERY LARGE NUMBERS OF INDIVIDUAL SCENARIOS (“SEQUENCES”, “CUTSETS”, ETC.)

IDENTIFY IMPORTANT DIFFERENCES THAT AFFECT HUMAN RESPONSE

GROUP SCENARIOS AND DEFINE PSA ACTIONS BASED ON SUCCESS CRITERIA AND BOUNDARY CONDITIONS FOR HUMAN PERFORMANCE

MANUAL START OF STANDBY EQUIPMENT IS A SCENARIO-BASED COGNITIVE ACTION

Slide 18.

HUMAN DEPENDENCIES

SCENARIO-BASED CONSIDERATIONS

INITIATING EVENT

AVAILABLE TIME WINDOW

AVAILABLE EQUIPMENT

CUES, INDICATIONS, AND ALARMS

PROCEDURES, TRAINING, AND EXPERIENCE

COMPETING PRIORITIES

PREVIOUS OPERATOR ACTIONS (SUCCESSES AND FAILURES)

Slide 19.

HUMAN DEPENDENCIES

IDENTIFY / DISPLAY DEPENDENCIES

PSA MODELS SHOULD:

- DISPLAY OPERATOR ACTIONS IN SCENARIO CONTEXT
- IDENTIFY ALL CONDITIONS WHERE OPERATOR ACTIONS ARE COMBINED THROUGH “AND” LOGIC

DIFFICULT TO IDENTIFY SCENARIO CONTEXT AND COMBINED ACTIONS IN FAULT TREE FORMAT

USUALLY REQUIRES MODEL SOLUTION

- NUMERICAL VALUES MAY SUPPRESS CUTSETS
- “SCREENING VALUES” MAY BE OPTIMISTIC

EVENT TREE FORMAT GENERALLY BETTER

- DEFINES SCENARIO CONTEXT
- IDENTIFIES COMBINED ACTIONS

Slide 20.

HUMAN DEPENDENCIES

FACTORS THAT REDUCE HUMAN DEPENDENCE

PRECEDING OPERATOR SUCCESS

LONG TIME WINDOW BETWEEN SUCCESSIVE ACTIONS

DIVERSE FUNCTIONS

DIVERSE PERSONNEL AND LOCATIONS

Slide 21.

References

IAEA-TECDOC-648 Procedures for conducting common cause failure analysis in probabilistic safety assessment (1992)