Recent Analysis and Capability Enhancements to the ADAPT Dynamic Event Tree Driver
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
The ADAPT software allows for the examination of aleatory and epistemic uncertainties in complex system transients using the Dynamic Event Tree (DET) methodology. This manual outlines the principles of operation of ADAPT and provides directions for its use. Future plans for the code are briefly outlined.
Annals of Nuclear Energy
The consequences of a transient in an advanced sodium-cooled fast reactor are difficult to capture with the traditional approach to probabilistic risk assessment (PRA). Numerous safety-relevant systems are passive and may have operational states that cannot be represented by binary success or failure. In addition, the specific order and timing of events may be crucial which necessitates the use of dynamic PRA tools such as ADAPT. The modifications to the SAS4A/SASSYS-1 sodium-cooled fast reactor safety analysis code for linking it to ADAPT to perform a dynamic PRA are described. A test case is used to demonstrate the linking process and to illustrate the type of insights that may be gained with this process. Newly-developed dynamic importance measures are used to assess the significance of reactor parameters/constituents on calculated consequences of initiating events.
International Journal on Artificial Intelligence Tools
This paper explores the viability of using counterfactual reasoning for impact analyses when understanding and responding to "beyond-design-basis" nuclear power plant accidents. Currently, when a severe nuclear power plant accident occurs, plant operators rely on Severe Accident Management Guidelines. However, the current guidelines are limited in scope and depth: for certain types of accidents, plant operators would have to work to mitigate the damage with limited experience and guidance for the particular situation. We aim to fill the need for comprehensive accident support by using a dynamic Bayesian network to aid in the diagnosis of a nuclear reactor's state and to analyze the impact of possible response measures. The dynamic Bayesian network, DBN, offers an expressive representation of the components and relationships that make up a complex causal system. For this reason, and for its tractable reasoning, the DBN supports a functional model for the intricate operations of nuclear power plants. In this domain, it is also pertinent that a Bayesian network can be composed of both probabilistic and knowledge-based components. Though probabilities can be calculated from simulated models, the structure of the network, as well as the value of some parameters, must be assigned by human experts. Since dynamic Bayesian network-based systems are capable of running better-than-real-time situation analyses, they can support both current event and alternate scenario impact analyses.
PSAM 2018 - Probabilistic Safety Assessment and Management
Dynamic probabilistic risk assessment (DPRA) methodologies and the dynamic event tree (DET) methodology specifically allow traditional PRA to be complemented by insights into time-dependent behavior. The ADAPT DET driver has been enhanced recently to provide greater capability to generate DETs and analyze results. The functions that ADAPT uses to gather and present output data have been standardized and enhanced with the goal of automating as much of the process as feasible while remaining simulator and technology agnostic. These individual enhancements come together to reduce the burden on the analyst and allow insights to be discovered more quickly. A recent goal has been the use of ADAPT on high performance computing (HPC) platforms. The number and granularity of treatment of uncertain parameters in a DET may lead to a state space explosion unless DETs are truncated (e.g., using a probability threshold) which may make the complete DET to be infeasible to run on local machines or small computer clusters. Progress can be greatly accelerated by using the large capacity of HPCs. A scheme is presented by which ADAPT gains the capability to distribute jobs to an HPC and retrieve the results seamlessly alongside other types of computation hosts.
PSAM 2018 - Probabilistic Safety Assessment and Management
Containment bypass scenarios in nuclear power plants can lead to large early release of radionuclides. A residual heat removal (RHR) system interfacing system loss of coolant accident (ISLOCA) has the potential to cause a hazardous environment in the auxiliary building, a loss of coolant from the primary system, a pathway for early release of radionuclides, and the failure of a system important to safely shutting down the plant. Prevention of this accident sequence relies on active systems that may be vulnerable to cyber failures in new or retrofitted plants with digital instrumentation and control systems. RHR ISLOCA in a hypothetical pressurized water reactor is analyzed in a dynamic framework to evaluate the time-dependent effects of various uncertainties on the state of the nuclear fuel, the auxiliary building environment, and the release of radionuclides. The ADAPT dynamic event tree code is used to drive both the MELCOR severe accident analysis code and the RADTRAD dose calculation code to track the progression of the accident from the initiating event to its end states. The resulting data set is then mined for insights into key events and their impacts on the final state of the plant and radionuclide releases.
PSAM 2018 - Probabilistic Safety Assessment and Management
Sodium Fast Reactors (SFRs) have an extensive operational history that can be leveraged to accelerate the licensing process for modern designs. Sandia National Laboratories (SNL) has recently reconstituted the United States SFR data from the Centralized Reliability Database Organization (CREDO) into a new modern database called the Sodium (Na) System Component Reliability Database (NaSCoRD). This new database is currently undergoing validation and usability testing to better understand the strengths and limitations of this historical data. The most common class of equipment found in the NaSCoRD database are valves. NaSCoRD contains a record of over 4,000 valves that have operated in EBR-II, FFTF, and test loops including those operated by Westinghouse and the Energy Technology Engineering Center. Valve failure events in NaSCoRD can be categorized by working fluid (e.g., sodium, water, gas), valve type (e.g., butterfly, check, throttle, block), failure mode (e.g., failure to open, failure to close, rupture), operating facility, operating temperature, or other user defined categories. Sodium valve reliability estimates will be presented in comparison to estimates provided in historical studies. The impacts of EG&G Idaho’s suggested corrections and various prior distributions on these reliability estimates will also be presented.
Two sodium spray fire experiments performed by Sandia National Laboratories (SNL) were used for a code - to - code comparison between CONTAIN - LMR and SPHINCS. Both computer codes are used for modeling sodium accidents in sodium fast reactors. The comparison between the two codes provides insights into the ability of both codes to model sodium spray fires. The SNL T3 and T4 experiments are 20 kg sodium spray fires with sodium spray temperature s of 200 deg C and 500 deg C, respe ctively. Given the relatively low sodium temperature in the SNL T3 experiment, the sodium spray experienced a period of non - combustion. The vessel in the SNL T4 experiment experienced a rapid pressurization that caused of the instrumentation ports to fail during the sodium spray. Despite these unforeseen difficulties, both codes were shown in good agreement with the experiment s . The subsequent pool fire that develops from the unburned sodium spray is a significant characteristic of the T3 experiment. SPHIN CS showed better long - term agreement with the SNL T3 experiment than CONTAIN - LMR. The unexpected port failure during the SNL T4 experiment presented modelling challenges. The time at which the port failure occurred is unknown, but is believed to have occur red at about 11 seconds into the sodium spray fire. The sensitivity analysis for the SNL T4 experiment shows that with a port failure, the sodium spray fire can still maintain elevated pressures during the spray.
Instrumentation and control of nuclear power is transforming from analog to modern digital assets. These control systems perform key safety and security functions. This transformation is occurring in new plant designs as well as in the existing fleet of plants as the operation of those plants is extended to 60 years. This transformation introduces new and unknown issues involving both digital asset induced safety issues and security issues. Traditional nuclear power risk assessment tools and cyber security assessment methods have not been modified or developed to address the unique nature of cyber failure modes and of cyber security threat vulnerabilities. iii This Lab-Directed Research and Development project has developed a dynamic cyber-risk in- formed tool to facilitate the analysis of unique cyber failure modes and the time sequencing of cyber faults, both malicious and non-malicious, and impose those cyber exploits and cyber faults onto a nuclear power plant accident sequence simulator code to assess how cyber exploits and cyber faults could interact with a plants digital instrumentation and control (DI&C) system and defeat or circumvent a plants cyber security controls. This was achieved by coupling an existing Sandia National Laboratories nuclear accident dynamic simulator code with a cyber emulytics code to demonstrate real-time simulation of cyber exploits and their impact on automatic DI&C responses. Studying such potential time-sequenced cyber-attacks and their risks (i.e., the associated impact and the associated degree of difficulty to achieve the attack vector) on accident management establishes a technical risk informed framework for developing effective cyber security controls for nuclear power.
Abstract not provided.
This report was written as part of a United States Department of Energy (DOE), Office of Nuclear Energy, Advanced Reactor Technologies program funded project to re-create the capabilities of the legacy Centralized Reliability Database Organization (CREDO) database. The CREDO database provided a record of component design and performance documentation across various systems that used sodium as a working fluid. Regaining this capability will allow the DOE complex and the domestic sodium reactor industry to better understand how previous systems were designed and built for use in improving the design and operations of future loops. The contents of this report include: overview of the current state of domestic sodium reliability databases; summary of the ongoing effort to improve, understand, and process the CREDO information; summary of the initial efforts to develop a unified sodium reliability database called the Sodium System Component Reliability Database (NaSCoRD); and explain both how potential users can access the domestic sodium reliability databases and the type of information that can be accessed from these databases.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
It is difficult to assess the consequences of a transient in a sodium-cooled fast reactor (SFR) using traditional probabilistic risk assessment (PRA) methods, as numerous safety-related sys- tems have passive characteristics. Often there is significant dependence on the value of con- tinuous stochastic parameters rather than binary success/failure determinations. One form of dynamic PRA uses a system simulator to represent the progression of a transient, tracking events through time in a discrete dynamic event tree (DDET). In order to function in a DDET environment, a simulator must have characteristics that make it amenable to changing physical parameters midway through the analysis. The SAS4A SFR system analysis code did not have these characteristics as received. This report describes the code modifications made to allow dynamic operation as well as the linking to a Sandia DDET driver code. A test case is briefly described to demonstrate the utility of the changes.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
Abstract not provided.
International Topical Meeting on Probabilistic Safety Assessment and Analysis, PSA 2017
Accident scenarios in nuclear power plants that bypass containment have the potential for large and early releases of radionuclides. They are typically guarded against using means such as redundant valves arranged in series and interlocks for systems that interface with the high pressure reactor coolant system. Some of these preventative arrangements rely on active systems that may fail in unique ways with the introduction of digital instrumentation and control. A hypothetical scenario in a pressurized water reactor plant is examined in which the digital controllers for the residual heat removal system intake valves are subjected to a common cause failure. This failure may cause simultaneous unintended valve opening while the reactor is at power, which has the potential to overpressurize and damage piping in the residual heat removal system and cause a leak of primary system water past containment into the auxiliary building (interfacing system loss of coolant accident). If the controllers are in a persistent fault condition, plant personnel will have to traverse the potentially contaminated auxiliary building to override at least one controller and close its associated valve. A dynamic case is assembled and run using the ADAPT dynamic event tree driver and the MELCOR severe accident analysis code in which uncertainties in the progression of the accident as well as mitigating operator actions are explored for an interfacing systems loss of coolant accident initiator. The results are assessed using recently-developed tools to gain insight into the likely outcomes and key events.
Abstract not provided.