probabilistic safety analysis (psa) level 2’АБ-2.pdf · 2017. 3. 16. · • riskspectrum 1.2...

Kaliopa Mancheva

March 16, 2017

PROBABILISTIC SAFETY ANALYSIS (PSA) LEVEL 2

March 16, 2017

o The safety bases are established on the principles of safety, therebyensuring protection of those working at a nuclear facility, aswell as of the population and the environment against harmfulionizing radiation at this moment and in future. These principlesdetermine the need for risk assessment and management ofnuclear facilities. The PSA is one of the basic means for riskassessment of possible releases of radioactive products into theenvironment and the consequences thereof

o More specifically, the PSA Level 2 deals basically with theinvestigation and assessment of possible paths of radioactiveproducts release after nuclear fuel damage and the possibilitynot to release them into the environment

o Nuclear fuel damage is associated with the term “severe accident”

WHY PSA LEVEL 2 ?

o The implementation of such type of projects has the following objectives:• A systematic analysis to achieve certainty in the nuclear facility

project compliance with the main safety objectives - overall level ofsafety

• Risk assessment of releases of radioactive products into theenvironment after fuel damage in the reactor, spent fuel pool,storage facilities and other facilities containing radioactive material

• Verification of project balancing, i.e. to ascertain that there are noexpressed deficiencies in terms of specific impacts

• Use of the source terms and frequencies to determine off-siteconsequences (Level 3 PSA input)

• Evaluation of plant designTo identify potential vulnerabilities in the mitigation of severe accidentsTo compare design options

• Support and verification of SAMG• Use of a range of other PSA applications in combination with the

Level 1 PSA results

o Objectives of the specific task:• Assessment of Large Early Release Frequency (LERF): it

considers only the sequences, for which the releases occurin the early phase of the accident. It is used for early riskrelease assessments

• A full-scope PSA Level 2: it considers all sequences, whichlead to releases into the environment, both at the early andlate phase of the accident

SCOPE OF PSA LEVEL 2

o PSA Level 2 can have a different scope, depending on the following:• The type of initiating events that are to be analyzed:

Internal initiating events (which include facility-internal failures, fires and flooding)

External hazards (which include seismic, tornado, strongwinds, high temperatures, external fires and floodings andetc.)

• The facility operational modesFull power modesLow power and shutdown modes

• The fuel location: Reactor vesselSpent fuel pool Spent fuel storage facility

Input from the Level 1 PSA – core damage minimal cut-sets/accident sequences

Plant familiarisation for Level 2 PSA

Plant damage states definition

Severe accident modelling

Containment performance analysis

Source term analysis

Quantification

Results

Sensitivities, uncertainties

Use of the results

Information collection and familiarization with plant

features that influence severe accident progression

Grouping of core damage MCSs into PDSs

Phenomena/ Containment Event Tree (CET)

analysis

Response to severe accidents

Fission product transport/ release categorization

CET probabilities/ quantification

Frequencies of large (early) release / release

categories

Sources of uncertainty

Identifications of severe accident vulnerabilities and

other applications

General Steps of Level 2 PSA

Design aspects identificationo Identify and highlight plant SSC and operating procedures that

can influence:

• severe accidents progression

• containment response

• transport of radioactive material

o The task includes also Reactor Building, Auxiliary Building,

Secondary containment and etc.

o Examples:

• core materials and geometry of the reactor internals

• area under the reactor pressure vessel

• flow paths from the area under the reactor pressure vessel to the

main containment volume

• chemical content of the concrete

• features that could lead to containment bypass sequences

Channel

GNF 10x10

8x89x9

ANF 10x10

Channel box

[kg-Zr

per MW]PWR BWR WWER

Fuel 6.0 11.5 8.05

Control

Rods0.5 [--] 0.78

Fuel

Channel

Box

[--] 5.6 [--]

Grids and

other

[--] [--]0.77

Total (kg)

3000 MW

reactor

20,000 51,000 28,800


Plant damage states definition Grouping of core damage MCSs into PDSs


Initiating

Events

(< 100)

Accident sequence

event trees

(event probabilities

from fault trees)

Accident

sequences

(millions)

Initial plant

damage

states

(50 to 100)

Consolidated

plant damage

states

(< 20)

Accident progression /

containment event trees

(branch probabilities with

uncertainties)

Accident progression /

containment event tree

end states

(104 to 106)

Iterative truncation

10-10 ... 10-12 ...

to convergence

Stop

Bin

nin

g P

roce

ss

Screen on

low frequency

Release

categories

(< 20)

Frequency * Consequence

Conditional

consequence

bins

(< 20)

Ris

k I

nte

gra

tio

n

LEVEL 1 LEVEL 1 -2

InterfaceLEVEL 2 LEVEL 3

Sensitivity analysis & reconsideration of

low-frequency PDS with high consequences

Co

mbin

e S

imila

r P

DS

o Plant Damage State (PDS) – core melt

sequences identified in the Level-1 PSA

grouped based on similarities in accident

progression and availability of

containment safeguards and other systems

that might have impact on accident

progression after core melt

o Binning process is intended to establish an

interface between

• The plant systems analysis (Level-1 PSA) and

• The containment response analysis (Level-2 PSA)

o Software:• SAPHIRE

• RiskSpectrum 1.2 – last version


Severe accident modelling Phenomena/ Containment Event Tree (CET) analysis


o Main purposes and outcomes from the

deterministic analysis

• Time chronology of the accident

• physical parameters of accident progression

• dependencies between phenomena

o Used for expert judgment assessment of

probabilities for different phenomena

o Software:

• MELCOR, MAAP, ASTEC

CV091

CV

060

CV092

CV

010

CV

055

CV

05

4C

V05

3C

V057

CV

047

CV

046

CV

045

CV

04

4C

V04

3C

V04

2

CV

037

CV

036

CV

035

CV

03

4C

V03

3C

V03

2

CV

027

CV

026

CV

025

CV

02

4C

V02

3C

V02

2

CV

017

CV

05

2

CV

016

CV

015

CV

01

4

CV

056

CV

01

3C

V01

2

CV

040

CV050

CV020

CV070

WWER-1000Reactor Model

First Phase of Accident Progression• IE TBO and DC power available

• Covers the period from CD to vessel breach- CD = 1200 ͦC of claddings

• Chronology:

Time [h:m]

Event Comment

0.0 IE – TBO with DC available

0.00+ Reactor Scram, MSIV* closure

0.00+ Diesel generators fail to start

0:03 MCP coast down

0:58 PORV opens Pressure is >180 MPa

3:03 H2 generation starts H2O-Zr

3:08 Gap release Core damage

3:36 Tcl >1200 C Core damage

4:23 Core degradation Loss of mass of CL

6:55 Vessel failure Start to eject to cavity

Pressure and Temperatures

• Primary Side pressure is

controlled by PORV

• Temperature increase rapidly

after water depletion

• Secondary Side pressure is

controlled by SG SV

• SDA assumed failed (no DC

power)

Levels

0

0.5

1

1.5

2

2.5

0.00 2.00 4.00 6.00 8.00

Lev

el [m

]

Time [hours]

SG levels0

2

4

6

8

10

12

14

0.00 2.00 4.00 6.00 8.00

Lev

el [m

]

Time [hours]

Primary Side - Levels

TAF

BAF

Pressurizer level is maintained up to

vessel failure

RPV level start to decrease after SG

depletion

• Major insights:

• PRZ level not indicative for mass

inventory in the system

Hydrogen generation

0

100

200

300

400

500

600

700

0.00 2.00 4.00 6.00 8.00

Mass [

kg

]

Time [hours]

Hydrogen generated in in-vessel phase

Simplified

nodalization – 5

volumes in core

region

Total H2production

H2 production

from Zr

H2 production

from Steel

H2 production

from B4CUpper FL

Lower FL

Last Upper FL

Lowest FL

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

0.00 2.00 4.00 6.00 8.00

Are

a F

racti

on

[-]

Time [hours]

Core blocking

STRUCTURAL ANALYSIS OF THE PRIMARY SIDE ELEMENTS

MCP/ SG header/ pressurizer surge

line

Tube bundle of the steam generator – part

Steam Generator

WWER-1000 models with the ALGOR product

o In case of a severe accident, the primary side

elements operate in beyond design

conditions. Therefore, an analysis is required

of their operability and probability of failure,

respectively.

o The conditions of their operation are

determined by deterministic analyses results

with MELCOR or other integral code.

o The analysis of Primary Side components

response is based on the following:

Deterministic part: determining the

ultimate capacity by using the finite

elements method

Probabilistic part: assessment of the

probability of failure (e.g. Larson-Miller

approach)

o A CET is a logical framework for estimating the range of

consequences associated with a given accident sequence

o A CET is a time-line of accident progression

• It represents the sequence of events that could lead to failure of the

containment pressure boundary and fission product release to the

environment

Initiating Event

System failures

Human actionsCore Damage

Challenges to

Containment

Integrity

Fission Product

Release to the

Environment

Level 1 Level 2

o It is a Probabilistic model• It represents uncertainties in ability to predict

accident progression

• Particular assumptions regarding each

uncertainty lead to different conclusions

regarding plant response to the sequence

o Branch point probabilities typically NOT based on statistical analysis of “data”• Reflect confidence that one outcome is more

likely to be correct than its alternative

Containment Fission Product

Response Release

Intact None

Accident Large

Sequence xxx Fails Late

Small

Large

Fails Early

Small

o Unlike the Level 1 event tree,

branch points in a CET often have

more than two possible outcomes:

• Branch may not simply represent

“success” or “failure” of an event

• Often represent alternative conditions or

physical process

o All branches represent sequences of

interest

• Quantification does not exclude “success”

paths

Hydrogen

Concentration Hydrogen

in Containment? Burn?

No burn

4 < Conc < 8%

Weak Deflagration

None

Accident

Sequence xxx 8 < Conc < 14% Weak Deflagration

Strong Deflagation

Strong Deflagation

Conc > 14%

Detonation

RV at Low Pressure at

Onset of Core Damage

Injection Recovered

No Vessel Breach

No Early Containment

Failure No MCCI

No Late Containment

Failure Sprays

Containment

Fails Early

Containment

Fails at VB with

RCS at High

Pressure

Containment

Fails at VB with

RCS at Low

Pressure

Containment

Bypass or

Isolation Failure

Containment

Fails Prior to

Vessel Breach

RCS Not

Depressurized

Before Vessel

Breach

Containment

Fails Given

RCS at High

Pressure

RCS

Depressurized

at Vessel

Breach

Containment

Fails Given

RCS at Low

Pressure

In-vessel

Steam

Explosion Fails

Containment

Containment

Fails by Over-

pressure

During Core

Degradation

RCS

Depressurized

Before Vessel

Breach

High-

Temperature

Failure of Cavity

Penetration

Hydrogen Burn

at Vessel Breach

Fails

Containment

KOZLODUY NPP EVENT TREE SARRP

59

NQ = NUMBER OF QUESTIONS (SEE LINE 2)

1 1.000

TB-OPT

1 WHAT IS THE INITIATING EVENT?

8 VB LL MBL SML ISL SGTR TR TBO

1 1 2 3 4 5 6 7 8

0.000 1.000 0.000 0.000 0.000 0.000 0.000 0.000

-----------------------------------------------------------------------------------------------

14 DOES THE OPERATOR DEPRESSURIZE THE RCS AFTER CD?

2 DEPR_Y DEPR_N

2 1 2

3 CASES

2 1 1

6 + 7

SGTR TR

0.990 0.010

1 1

8

TBO

0.000 1.000

OTHERWISE

1.000 0.000


Containment performance analysis Response to severe accidents


o The analysis of containment structures

response is based on the following:

Deterministic part: determining the ultimate

capacity by using the finite elements method

Probabilistic part: assessment of the

probability of failure under static and

dynamic loads by creating the so-called

fragility curves

o Software: Risk Engineering uses the

SOLVIA and LSDYNA, which allows the

development of 3D models of the

studied objects

“Solid” elements

Models of containment and WWER-1000/В320 Reactor Building

“Shell” elements


Source term analysis Fission product transport/ release categorization


o The purpose of the analysis is to determine the

following:

• time, location, energy and amount of the

fission products released

• Analysis of the fractions by groups of

elements of fission products released

(MELCOR results)

• Assessment of fission products retention

o Using this analysis, both the full release activity,

and the activities of individual nuclides, which

have different consequences on the human body

and soil, water, etc., are obtained.

Release

category

Release frequency,

[y-1]

Aerosol release

activity,

[Bq]

Risk of aerosol

release,

[Bq/y]

Contribution to the

risk of aerosol

release,

[%]

Full release

[Bq]

TRAR

[Bq/y]

Contribution

to the TRAR

[%]

RC1 1.0E-06 1.3E14 1.3E08 10 2.5E-15 2.5E-15 2.8

Vessel at

Low

Pressure

No Early

Contain.

Failure

Early F.P.

Release to

Pool

No Core-

Concrete

Interaction

No Late

Contain.

Failure

Late

Release to

Pool

Sprays

Operate

Auxiliary

Building

Retention

RELEASE

CATEGORY

PDS LP CFE POOL DF CCI CFL POOL SPRYS AB RC

1

1

3

2

4

4

5

2

2

3

3

4

4

5


Quantification

Results

Sensitivities, uncertainties

CET probabilities/ quantification

Frequencies of large (early) release / release

categories

Sources of uncertainty


o Two interpretations of the concept of ‘Probability’

• Classical statistics: Statistical analysis of set of random data

generates confidence intervals, not (strictly speaking)

probability – probability of frequency

• Bayesian: “a quantity that we assign theoretically, for the

purpose of representing a state of knowledge“ – probability of

probability

Bayesian: Informed judgment that a particular outcome will occur –

reflects ‘degree of belief’ of the observer.

Only Bayesian interpretation is appropriate for PSA (particularly

Level 2)

o Uncertainty :

• epistemic uncertainty – reflects our lack of knowledge of the state of a system

Can be reduced by further analysis (realistic approach)

Can be reduced by changing our domain of experience (constructivist approach)

• aleatory variability – randomness, observable measure of correspondence of our system model with the real world system

Cannot be reduced by any means (for given system boundaries or for same model of a system)

Very important statement – aleatory variability is a property of our model and not a

property of the real world system

March 16, 2017 32

Insights• NO big impact of releases

between 12-48 hours

• Dominant releases starts after48 hours

• Dominant risk comes fromPOS’s with closed reactor

Insights• Low risk of hydrogen burning

• Low risk steam explosions andHPME

• Almost 100% of the risk for Openreactor comes from isolationfailure (RC4, 5)

SFP

Open Reactor

Closed Reactor

0%

20%

40%

60%

80%

100%


Use of the resultsIdentifications of severe accident vulnerabilities and

other applications


o Successful examples of applications of Level 2 PSA

• Comparison of results of the Level 2 PSA with probabilistic criteria

To determine if the overall level of safety of the plant is adequate

• Evaluation of plant design

To identify potential vulnerabilities in the mitigation of severe accidents

To compare design options

• Development of severe accident management guidelines

• Use of the source terms to provide an input into emergency planning

• Use of the source terms and frequencies to determine off-site consequences (Level 3 PSA)

• Prioritization of research relating to severe accident issues

• Use of a range of other PSA applications in combination with the Level 1 PSA results

Headquarters:

10, Vihren str.

Sofia 1618

Bulgaria

Tel. + 359 2 8089 703

Fax: +359 2 9507 751

[email protected]

www.riskeng.bg

March 16, 2017

mailto:[email protected]://www.riskeng.bg/

March 16, 2017

THANK YOU!

probabilistic safety analysis (psa) level 2’АБ-2.pdf · 2017. 3. 16. · • riskspectrum 1.2...

Documents