Probability of loss of assured safety (PLOAS) is modeled for weak link (WL)/strong link (SL) systems in which one or more WLs or SLs could potentially degrade into a precursor condition to link failure that will be followed by an actual link failure after some amount of elapsed time. The descriptor loss of assured safety (LOAS) is used because failure of the WL system places the entire system in an inoperable configuration while failure of the SL system before failure of the WL system, although undesirable, does not necessarily result in an unintended operation of the entire system. Thus, safety is “assured” by failure of the WL system before failure of the SL system. The following topics are considered: (i) Definition of precursor occurrence time cumulative distribution functions (CDFs) for individual WLs and SLs, (ii) Formal representation, approximation and illustration of PLOAS with (a) constant delay times, (b) aleatory uncertainty in delay times, and (c) delay times defined by functions of link properties at occurrence times for link failure precursors, and (iii) Procedures for the verification of PLOAS calculations for the three indicated definitions of delayed link failure.
The use of evidence theory and associated cumulative plausibility functions (CPFs), cumulative belief functions (CBFs), cumulative distribution functions (CDFs), complementary cumulative plausibility functions (CCPFs), complementary cumulative belief functions (CCBFs), and complementary cumulative distribution functions (CCDFs) in the analysis of time and temperature margins associated with loss of assured safety (LOAS) for one weak link (WL)/two strong link (SL) systems is illustrated. Article content includes cumulative and complementary cumulative belief, plausibility, and probability for (i) SL/WL failure time margins defined by (time at which SL failure potentially causes LOAS) - (time at which WL failure potentially prevents LOAS), (ii) SL/WL failure temperature margins defined by (the temperature at which SL failure potentially causes LOAS) - (the temperature at which WL failure potentially prevents LOAS), and (iii) SL/SL failure temperature margins defined by (the temperature at which SL failure potentially causes LOAS) - (the temperature of SL whose failure potentially causes LOAS at the time at which WL failure potentially prevents LOAS).
The use of evidence theory and associated cumulative plausibility functions (CPFs), cumulative belief functions (CBFs), cumulative distribution functions (CDFs), complementary cumulative plausibility functions (CCPFs), complementary cumulative belief functions (CCBFs), and complementary cumulative distribution functions (CCDFs) in the analysis of loss of assured safety (LOAS) for weak link (WL)/strong link (SL) systems is introduced and illustrated. Article content includes cumulative and complementary cumulative belief, plausibility, and probability for (i) time at which LOAS occurs for a one WL/two SL system, (ii) time at which a two-link system fails, (iii) temperature at which a two-link system fails, and (iv) temperature at which LOAS occurs for a one WL/two SL system. The presented results can be generalized to systems with more than one WL and two SLs.
The use of evidence theory in the analysis of loss of assured safety (LOAS) for weak link (WL)/strong link (SL) systems is introduced and illustrated. Article content includes (i) an introduction to evidence theory, (ii) definition of two WLs and two SLs used for illustration, (iii) belief and plausibility for the occurrence of LOAS for a one WL/two SL system, and (iv) a sampling-based procedure for the verification of belief and plausibility calculations. The presented results can be generalized to systems with more than one WL and two SLs.
Representations for margins associated with loss of assured safety (LOAS) for weak link (WL)/strong link (SL) systems involving multiple time-dependent failure modes are developed. The following topics are described: (i) defining properties for WLs and SLs, (ii) background on cumulative distribution functions (CDFs) for link failure time, link property value at link failure, and time at which LOAS occurs, (iii) CDFs for failure time margins defined by (time at which SL system fails) – (time at which WL system fails), (iv) CDFs for SL system property values at LOAS, (v) CDFs for WL/SL property value margins defined by (property value at which SL system fails) – (property value at which WL system fails), and (vi) CDFs for SL property value margins defined by (property value of failing SL at time of SL system failure) – (property value of this SL at time of WL system failure). Included in this presentation is a demonstration of a verification strategy based on defining and approximating the indicated margin results with (i) procedures based on formal integral representations and associated quadrature approximations and (ii) procedures based on algorithms for sampling-based approximations.
Probability of loss of assured safety (PLOAS) is modeled for weak link (WL)/strong link (SL) systems in which one or more WLs or SLs could potentially degrade into a precursor condition to link failure that will be followed by an actual failure after some amount of elapsed time. The following topics are considered: (i) Definition of precursor occurrence time cumulative distribution functions (CDFs) for individual WLs and SLs, (ii) Formal representation of PLOAS with constant delay times, (iii) Approximation and illustration of PLOAS with constant delay times, (iv) Formal representation of PLOAS with aleatory uncertainty in delay times, (v) Approximation and illustration of PLOAS with aleatory uncertainty in delay times, (vi) Formal representation of PLOAS with delay times defined by functions of link properties at occurrence times for failure precursors, (vii) Approximation and illustration of PLOAS with delay times defined by functions of link properties at occurrence times for failure precursors, and (viii) Procedures for the verification of PLOAS calculations for the three indicated definitions of delayed link failure.
Representations are developed and illustrated for the distribution of link property values at the time of link failure in the presence of aleatory uncertainty in link properties. The following topics are considered: (i) defining properties for weak links and strong links, (ii) cumulative distribution functions (CDFs) for link failure time, (iii) integral-based derivation of CDFs for link property at time of link failure, (iv) sampling-based approximation of CDFs for link property at time of link failure, (v) verification of integral-based and sampling-based determinations of CDFs for link property at time of link failure, (vi) distributions of link properties conditional on time of link failure, and (vii) equivalence of two different integral-based derivations of CDFs for link property at time of link failure.
Weak link (WL)/strong link (SL) systems are important parts of the overall operational design of high-consequence systems. In such designs, the SL system is very robust and is intended to permit operation of the entire system under, and only under, intended conditions. In contrast, the WL system is intended to fail in a predictable and irreversible manner under accident conditions and render the entire system inoperable before an accidental operation of the SL system. The likelihood that the WL system will fail to deactivate the entire system before the SL system fails (i.e., degrades into a configuration that could allow an accidental operation of the entire system) is referred to as probability of loss of assured safety (PLOAS). This report describes the Fortran 90 program CPLOAS_2 that implements the following representations for PLOAS for situations in which both link physical properties and link failure properties are time-dependent: (i) failure of all SLs before failure of any WL, (ii) failure of any SL before failure of any WL, (iii) failure of all SLs before failure of all WLs, and (iv) failure of any SL before failure of all WLs. The effects of aleatory uncertainty and epistemic uncertainty in the definition and numerical evaluation of PLOAS can be included in the calculations performed by CPLOAS_2. Keywords: Aleatory uncertainty, CPLOAS_2, Epistemic uncertainty, Probability of loss of assured safety, Strong link, Uncertainty analysis, Weak link
Several simple test problems are used to explore the following approaches to the representation of the uncertainty in model predictions that derives from uncertainty in model inputs: probability theory, evidence theory, possibility theory, and interval analysis. Each of the test problems has rather diffuse characterizations of the uncertainty in model inputs obtained from one or more equally credible sources. These given uncertainty characterizations are translated into the mathematical structure associated with each of the indicated approaches to the representation of uncertainty and then propagated through the model with Monte Carlo techniques to obtain the corresponding representation of the uncertainty in one or more model predictions. The different approaches to the representation of uncertainty can lead to very different appearing representations of the uncertainty in model predictions even though the starting information is exactly the same for each approach. To avoid misunderstandings and, potentially, bad decisions, these representations must be interpreted in the context of the theory/procedure from which they derive.
The appropriate disposal of radioactive waste is a problem of great importance, wide-spread interest, and some controversy. As part of the solution to this problem the Waste Isolation Pilot Plant (WIPP) is under development by the US Department of Energy (DOE) for the deep geologic disposal of transuranic (TRU) waste generated by defense programs in the United States. The DOE submitted a Compliance Certification Application (CCA) [17] for the WIPP to the US Environmental Protection Agency (EPA) in October 1996, and a positive certification decision for the WIPP was issued by the EPA in May 1998. The first disposal of TRU waste in the WIPP took place in March 1999. The 1996 CCA for the WIPP was supported by an extensive performance assessment (PA) carried out by Sandia National Laboratories (SNL), with this PA often designated the 1996 WIPP PA, the 1996 CCA PA, or simply the 1996 PA. In turn, the 1996 PA was supported by site characterization activities, experimental programs, model development programs, data development programs, uncertainty and sensitivity analyses, a dedicated computational environment, a rigorous quality assurance (QA) program and a sequence of earlier PAs. Further, this PA was carried out in a regulatory environment defined by the following EPA regulations: Environmental Radiation Protection Standards for the Management and Disposal of Spent Nuclear Fuel, High-Level and Transuranic Radioactive Wastes (40 CFR Part 191) and Criteria for the Certification and Re-Certification of the Waste Isolation Pilot Plant's Compliance with the 40 CFR Part 191 Disposal Regulations (40 CFR Part 194). The WIPP is the first licensed facility in the United States for the deep geologic disposal of radioactive waste. As a result, there is extensive interest in both the WIPP and the analyses that led to its certification by the EPA for the disposal of TRU waste.
The WIPP program has produced large amounts of documentation both as part of the CCA itself and in large numbers of technical reports and supporting analysis documents. Although this information is publicly available, in practice its great quantity and availability at only specific locations (e.g., EPA Docket locations, the WIPP Records Centers in Albuquerque and Carlsbad) make obtaining a detailed understanding of the 1996 WIPP PA an arduous undertaking.
The conceptual structure of the 1996 performance assessment (PA) for the Waste Isolation Pilot Plant (WIPP) is described. This structure involves three basic entities (EN1, EN2, EN3): (i) EN1, a probabilistic characterization of the likelihood of different futures occurring at the WIPP site over the next 10,000 years; (ii) EN2, a procedure for estimating the radionuclide releases to the accessible environment associated with each of the possible futures that could occur at the WIPP site over the next 10,000 years; and (iii) EN3, a probabilistic characterization of the uncertainty in the parameters used in the definition of EN1 and EN2. In the formal development of the 1996 WIPP PA, EN1 is characterized by a probability space (Sst, Gst, pst) for stochastic (i.e. aleatory) uncertainty; EN2 is characterized by a function f that corresponds to the models and associated computer programs used to estimate radionuclide releases; and EN3 is characterized by a probability space (Ssu, Gsu, psu) for subjective (i.e. epistemic) uncertainty. A high-level overview of the 1996 WIPP PA and references to additional sources of information are given in the context of (Sst, Gst, pst), f and (Ssu, Gsu, psu).
The 1996 performance assessment (PA) for the Waste Isolation Pilot Plant (WIPP) maintains a separation between stochastic (i.e. aleatory) and subjective (i.e. epistemic) uncertainty, with stochastic uncertainty arising from the possible disruptions that could occur at the WIPP over the 10,000-yr regulatory period specified by the US Environmental Protection Agency (40 CFR 191, 40 CFR 194) and subjective uncertainty arising from an inability to uniquely characterize many of the inputs required in the 1996 WIPP PA. The characterization of stochastic uncertainty is discussed, including drilling intrusion time, drilling location, penetration of excavated/nonexcavated areas of the repository, penetration of pressurized brine beneath the repository, borehole plugging patterns, activity level of waste, and occurrence of potash mining. Additional topics discussed include sampling procedures, generation of individual 10,000-yr futures for the WIPP, construction of complementary cumulative distribution functions (CCDFs), mechanistic calculations carried out to support CCDF construction, the Kaplan/Garrick ordered triple representation for risk, and determination of scenarios and scenario probabilities.
The 1996 performance assessment (PA) for the Waste Isolation Pilot Plant (WIPP) maintains a separation between stochastic (i.e. aleatory) and subjective (i.e. epistemic) uncertainty, with stochastic uncertainty arising from the possible disruptions that could occur at the WIPP over the 10,000 yr regulatory period specified by the US Environmental Protection Agency (40 CFR 191, 40 CFR 194) and subjective uncertainty arising from an inability to uniquely characterize many of the inputs required in the 1996 WIPP PA. The characterization of subjective uncertainty is discussed, including assignment of distributions, uncertain variables selected for inclusion in analysis, correlation control, sample size, statistical confidence on mean complementary cumulative distribution functions, generation of Latin hypercube samples, sensitivity analysis techniques, and scenarios involving stochastic and subjective uncertainty.