- 123 Views
- Uploaded on
- Presentation posted in: General

Boolean Reliability Models

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

**1. **1 Boolean Reliability Models Javier Yllera,
[email protected]
IAEA (SAS/NSNI)

**2. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**3. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**4. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**5. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**6. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**7. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**8. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**9. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**10. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**11. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003 A structure function is coherent iff is monotone increasing and all its elements are relevant.
Well designed systems have normally coherent function. In a non coherent system restoring a failed component to service may fail the system
If a structure function doesn’t contain a boolean variable an its negation at the same time, is coherent or can be easily made coherent not use negated
Coherent functions have a unique disjunctive or conjunctive normal form (canonical forms)
More accurate reliability estimates are available for coherent functions.
Use of non coherent functions may cause serious computational problems due to the use of probabilities close to 1 for reliable system.
The reduction principle, Shanon expansion theorem or pivotal decomposition: Any structure function can be decomposed in the following way:
Structure function properties

**12. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003
Example: EQ1 = (SB1+SB2)·(SB1+SB3), decomposition on SB1:
EQ1: (SB1)’ (0+SB2)·(0+SB3), + SB1·(1+SB2)·(1+SB3)
EQ1: (SB1)’·SB2·SB3 + SB1
Normal disjunctive form: Is the disjunction (sum) of all minimal cut sets
A cut sets is a combination of basic events that if all occur lead to the system failure (undesired event).
A minimal cut set is cut set in which if any event is removed, the combination is not a cut set any more
Normal conjunctive form: Is the conjunction (product) of all minimal path sets
A path sets is a combination of basic events that if non of them occurs, the system cannot fail (undesired event cannot occurred).
A minimal minimal path set is path set in which if any event is removed, the combination is not a path set any more
Any minimal path set contains at least one event of every minimal cut set and viceversa Structure function properties (cont.)

**13. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**14. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003

**15. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003 For a redundant system there is not exact expression for the system failure probability in the interval (0,t) if maintenance (renewal) is allowed. If maintenance is not performed, the failure probability and the unavailability are the same.
Failure probability is estimated through the failure frequency and its density function. The failure frequency in (0,t) is the mathematical expectation of the number of system failures in (0,t):
Hs(T) = 0 x P(0 failures in 0,t) + 1x P(1 failure in 0,t) +
2x P(2 failures in 0,t) + ….
The system failure probability Qs(t) is the probability that the system fails at least one time in (0,t), and therefore Qs(t) =min{1,Hs(t)} and for reliable systems the approximation
Qs(t)?Hs(t)
is totally acceptable.
Hs(t) can be obtained through the integration of its density function hs(t), which is the number of system failures in (t,t+dt) Estimate of system failure probability

**16. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003 To estimate hs(t) is important to introduce the concept of system criticality. A system is in a critical state if the failure of some components have brought it to a situation that if an additional component fails, the system will fail.
A component is critical at some point for the system if its failure leads to a system failure
The system is critical if at least in one minimal cut sets all components have failed except for one.
hs(t) dt : ? [ P(component í is critical for the system at time t) x í P(probability that the component I fails in the interval t+dt)]
It can be easily demonstrated that for a minimal cut set:
and that for the whole system: Estimate of system failure probability

**17. **Training Course on PSA
Islamabad, Pakistan, April 14-20, 2003 A NPP is a too complex systems and several aspects of the reliability models presented until know are too idealistic. Additional factors need also to be taken into consideration, but the PSA quantification has to make use of the equations developed in the reliability theory
CDF is equivalent to hs(t) and it is assumed constant therefore the probability of a core melt during the plant life time would be CDF x the planned plant life time, e.g. 40 years but of course modifications would take place that would require to update the model.
Different time frames are considered for different system in the plant. Normal systems, e.g. feed turbine cycle which may originate an initiating event are considered in a long time frame. Safety systems responding to an initiating event are considered for a mission time of about 24 hours
The failure frequency (density) is assigned normally to the initiating event, which is in many cases considered as a basic event, for which a numerical estimate is assigned. For the mitigating systems a somehow averaged unvailability is calculated
If a system failure can cause an initiating event and at the same time the system participates in the accident mitigation the previous approach is not acceptable and mistakes are made in many PSAs in part because the quantification code may not offer the adequate options
The practical use will be illustrated in further lectures Practical use of reliability estimates in NPP PSAs