1 / 19

Adaptation of NRC Risk Model for AOT Determinations

Goals. To explain :How LCO completion times are based on the Allowed Outage Time (AOT) for safety-systems.How the Risk Increase (?R) impacts the AOT.How the AOT Risk Contribution is the relative risk of the eventWhy the relative risk is acceptable. This process is outlined in NUREG/CR-6141:Handbook of Methods for Risk-Based Analyses of Technical Specifications .

Sophia
Download Presentation

Adaptation of NRC Risk Model for AOT Determinations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Adaptation of NRC Risk Model for AOT Determinations Douglas Clark B&W Technical Services Y-12 April 28th, 2010

    2. Goals To explain : How LCO completion times are based on the Allowed Outage Time (AOT) for safety-systems. How the Risk Increase (?R) impacts the AOT. How the AOT Risk Contribution is the relative risk of the event Why the relative risk is acceptable

    3. Background Risk. The quantitative or qualitative expression of possible loss that considers both the probability that an event will occur and the consequences of that event. (DOE-STD-3009-94) Risk (Rem/yr) = Frequency (/yr) ? Consequences (Rem) For Safety-Significant SSCs (SS-SSCs) Guidance for hazard and accident analysis is not based on probabilistic risk assessment (PRA). (DOE-STD-3009-94) Preparers (and subsequent reviewers) cannot expect the level of detail associated with a quantitative risk assessment in a hazard analysis, as the hazard analysis is focused on systematically assessing what can go wrong in a facility as opposed to deriving mathematical expressions of risk. Risk is qualitative (e.g., engineering judgment) for SS-SSCs.

    4. Basic Concepts Allowed Outage Time (AOT): When a component goes down, there generally is a risk increase due to loss of function of the component. The AOT specifies the period in which a component can be down to restore its operation. (NUREG/CR-6141) AOT is the LCO Action Completion Time. AOT Risk Contribution: For a given AOT, the risk contribution (e.g., ?R) is calculated by multiplying the risk impact by the AOT. There are two risk contributions: Single-event Yearly The AOT Risk Contribution is the relative risk of the event.

    5. Risk Contribution associated with an AOT

    6. Risk Contributions from various AOTs

    7. AOT Risk Contribution – Example 1 NO COMPENSATORY ACTIONS the SSC cannot perform its safety function. HEUMF LCO 3.6 Condition A “A RCSB, in rack storage, is not secured to the storage rack” Action A.1 “Secure the RCSB to the storage rack” Completion Time: 4 hr (4.6E-4 yr) Event of Concern: Earthquake displacing 10+ RCSBs Risk increase (?R): 1E-2/yr ? 0.1 Rem = 1E-3 Rem/yr AOT yearly risk contribution: 1E-3 Rem/yr ? 4.6E-4 yr ˜ 5E-7 Rem

    8. AOT Risk Contribution – Example 2 COMPENSATORY ACTIONS Event Frequency Reduced, No Consequence Mitigation HEUMF LCO 3.2 Condition A “FPS 2, 4A, 4B, 4C, and/or 4D is not OPERABLE” Action A.2 “Initiate and maintain FIRE PATROLS …” Action A.3 “Restore the affected FPS to OPERABLE status.” Completion time: 92 days Event of Concern: Large Area Fire Risk increase (?R): 1E-5 ? 0.01 ? 6.6 Rem = 7E-7 Rem/yr AOT yearly risk contribution: 7E-7 Rem/yr ? 0.25 yr ˜ 2E-7 Rem

    9. AOT Risk Contribution – Example 3 COMPENSATORY ACTIONS Mitigation & frequency reductions, less overall system reliability HEUMF LCO 3.2 Condition D “The Diesel Fire Pump is not OPERABLE for reasons other than those in Conditions B or C” Action D.1 “Ensure the Electric Fire Pump is available” Action D.2 “Restore the Diesel Fire Pump to OPERABLE…” Completion time: 184 days Event of Concern: Large Area Fire Risk increase (?R): 6E-7 Rem/yr AOT yearly risk contribution: 6E-7 Rem/yr ? 0.5 yr ˜ 3E-7 Rem

    10. HEUMF Completion Times For consistency, the Risk Based AOTs were simplified into 5 basic completion times: 4 hours (for Safety-Class SSCs) 24 hours 7 days 92 days 184 days Each of the completion times was based on the corresponding level (color) from the Risk Contribution

    11. HEUMF Completion Times (continued) 24 hours The risk of the HEUMF design basis fire is ~ 7E-5 Rem/yr. This AOT gives a risk contribution of ~ 2E-7 Rem. The risk of a NPH event at the HEUMF is ~ 1E-3 Rem/yr. This AOT gives a risk contribution of ~ 5E-7 Rem. 7 days This outage time corresponds to the frequency of a loss of offsite power during the design basis accident. 92 days This outage time corresponds to the loss of all SS-SSCs and is the frequency of a fire ? the probability that compensatory actions will not detect and minimize the fire ? the maximum consequences of a fire ˜ 7E-7 Rem/yr. This AOT gives a risk contribution of ~ 2E-7 Rem.

    12. 184 Day Completion Time The design basis life of the HEUMF is 50 years (18,263 days) The HEUMF has redundant/diverse systems, e.g.; the FPS and SCS serve redundant functions For conditions which have the redundant function available (and checked through compensatory actions) or for failures which constitute a significant failure of the device, the AOT should be representative of the risk posed by that system. If the FPS has a failure probability of 0.01 and the SCS has a failure probability of 0.01 then the probability of both failing simultaneously is 0.0001. Removing one of these systems results in a probability of failure of 0.01. Therefore the frequency of the event (anticipated in the life of the facility) shall be reduced by a corresponding factor. (i.e., 0.01). 0.01 ? 18,263 days ˜ 184 days

    13. 184 Day Completion Time (continued) The 184 day completion time is the maximum AOT (i.e., single-event AOT). The yearly AOT risk contribution is the maximum AOT times the anticipated frequency of entering the condition. For HEUMF systems, the anticipated failure of components that would result in entering the LCO is < 10-2 /yr. Therefore the yearly AOT risk contribution is < 2 days. This outage time corresponds to: the frequency of a large area fire ? the probability that remaining system will fail ? the consequences of the design basis fire ˜ 1E-6 Rem/yr. This AOT gives a risk contribution of ~ 5E-7 Rem. The 184 days was subsequently analyzed to see if this completion time were reasonable and prudent.

    14. Comparing AOT Risk Contributions Are 5E-7 and 3E-7 AOT Risk Contributions reasonable? NRC Regulatory Guide 1.177, Section 2.4 indicates that an AOT has only a small quantitative impact on plant risk at certain levels An AOT risk contribution “…less than 5.0E-7 is considered small for single TS AOT change.” The NRC based the 5E-7 upon a core damage failure probability of 1E-4 that was increased to 1E-3 during a 5 hour outage. The HEUMF is much less dynamic than a nuclear reactor, but the total relative risk contributions are of a similar order of magnitude although the durations of the allowable outages are much different due to the inherent safety of HEUMF operations.

    15. Completion Times and Spare Parts There are essentially two options: Have all necessary spare parts on hand Be able to diagnose, order, receive, and install parts within the completion time. There is significant cost avoidance with the second option. Cost/Benefit Ratios dictate that we look to see if completion times are reasonable. Example: CAAS parts Vendor has 120 day lead time for all orders Therefore if completion time is < 120 days, all spares must be on-hand.

    16. Summary Guidance for hazard and accident analysis is not based on probabilistic risk assessment (PRA). All AOT risk contributions are qualitatively assessed to be less than 1E-6 Rem. HEUMF Completion times were standardized into five major types. 4 hours (for Safety-Class SSCs) 24 hours 7 days 92 days 184 days These completion times represent high Benefit/Cost ratios and result in significant cost avoidance for the HEUMF.

    17. Questions

    18. Backup material

    19. Control of the AOT Risk Per NUREG/CR-6141, the single-event AOT risk contribution is the contribution when the AOT is activated (i.e., LCO is entered). The yearly AOT risk contribution is the average contribution from expected occurrences of the AOT. Both need to be controlled. Intentional entries into LCO conditions for maintenance are intended to increase reliability of the systems. This imparts the “Reliability Effect of Maintenance” as described in NUREG/CR-6141. Given the level of risk associated with the AOTs for HEUMF, the reliability effect of maintenance offsets the increased risk from the outage associated with that maintenance. Therefore the expected occurrences of the AOT that impact the overall AOT risk are linked to the reliability of the system.

    20. Disclaimer This work of authorship and those incorporated herein were prepared by Contractor as accounts of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor Contractor, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, use made, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or any agency or Contractor thereof. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or any agency or Contractor thereof.

More Related