Probabilistic safety analysis

from Wikipedia, the free encyclopedia

Probabilistic Safety Analysis (PSA), also called Probabilistic Risk Analysis (PRA), examines the risks of industrial plants using the methods of probability calculation and systems analysis.

The three main questions of the analysis are:

  • What can fail?
  • How probable is it?
  • What are the effects?

History of the PSA

The method of quantitative risk analysis was developed from the experience gained in reliability analysis in the 1950s and 1960s. It also draws on the methods of reliability engineering.

A pioneer of quantitative risk assessment in England was F. Reg Farmer, who in 1967 created the methodological basis for the quantitative risk assessment of industrial plants with the risk limit curve (also called the "Farmer curve"). The risk limit curve is derived from the product of the probability of occurrence and the extent of damage of an accident and is based on the consideration that the greater the extent of damage in an accident, the lower its probability of occurrence must be, and vice versa.

Farmer also pointed out that the risk assessment of a plant (for example a nuclear power plant) should consider the full range of possible accidents and not just a "maximum credible accident" (MCA; German "GAU"), as had been common in nuclear engineering until then.

In the American reactor safety study "WASH 1400" from 1975 (the so-called "Rasmussen study"), the quantitative accident risks of two nuclear power plants (NPP) were analyzed for the first time. Event tree and fault tree analysis are the predominant analytical instruments of the PSA; with them the totality of the possible accident sequences is recorded, modeled and quantified. Fault tree analysis (see the Fault Tree Handbook) comes from the aerospace industry. The risk model of the overall system created in the PSA then consists of a large number of interlinked event and fault trees. In large-scale systems such as a nuclear power plant, the risk model and the large amounts of data that arise can only be quantified and quality-assured with a computer program.

With the "WASH 1400" reactor safety study, a significant further development of the PSA methods took place:

  • Failure models of redundant systems and components with failures that cut across redundancies (CCF analysis, common cause failure).
  • Human Factor Analysis (adoption of experiences from the military sector).
  • Determination of probabilistic variables of rare events, such as the failure of pipes or containers, the bursting of the power plant turbine, system-internal flooding, crashes of heavy loads, system-external events such as plane crashes, earthquakes and floods.

In doing so, it set standards for all further risk analyses, and not just in nuclear technology. In Germany, the "German Risk Study for Nuclear Power Plants" for the Biblis NPP was drawn up using the methodological approaches of "WASH 1400" and is considered the reference analysis for nuclear power plants in Germany.

Risk analyses are used today in all industrial sectors, such as nuclear technology, aviation, rail, shipping, chemistry, petrochemistry and dams.

Significant risk factors

Human factor

With the accident at the American nuclear power plant Three Mile Island in 1979, various weaknesses in the areas of the human-machine interface, personnel qualification and accident management became visible. The accident triggered worldwide retrofitting of nuclear power plants as well as intensive further development of the methods of human factor analysis.

Internal fire

In 1975, at the Browns Ferry nuclear power plant in Alabama, USA, a serious internal fire developed which led to the failure of several safety systems. The fire was started by a burning candle that maintenance staff had used to detect a ventilation leak in a cable duct of the plant. This event made clear the size of the "internal fire" risk, which had previously been underestimated in this form. Internal fire had not yet been considered in WASH 1400. Intensive development of probabilistic fire risk analysis was initiated; today it is a standard part of a PSA.

Safety culture

In 1986, the Russian nuclear power plant at Chernobyl saw the worst accident ever in nuclear power generation. The starting point of the accident was a test of the safety properties of the plant, carried out while the plant was being shut down. Inadequacies in the test program, unexpected conditions while the test was being carried out and unplanned interventions by the operating personnel together led to a "prompt supercritical excursion" of the reactor and thus to its catastrophic failure. The analysis of the causes of the accident revealed considerable deficits in the safety management and in the supervision of the plant. The importance of plant management and safety culture for plant risk became evident.

Accident cause analyses in practically all other industrial sectors, but also in medicine and pharmaceuticals, revealed the same influencing variable. Corresponding requirements for safety management and risk management can now be found in the safety standards of all industrial sectors.

Methods for evaluating the risk factor "safety culture" have so far existed only in qualitative form.

Implementation of a PSA

A PSA is created in the following steps:

  1. Identification of the hazard potentials contained in a facility (such as hazardous substances, radioactive fission products).
  2. Description of the safety technology, the measures and barriers that enclose the potential hazards and prevent their release.
  3. Determination of the incidents that can lead to a release of the hazard potential (initiating events).
  4. Definition of the spectrum of initiating events to be analyzed.
  5. Analysis of the accident sequences and of the behavior of the plant systems under accident conditions, and implementation of the accident sequences in event and fault trees (they form the probabilistic model of the PSA, which can be quantified with the methods of probability calculation).
  6. Determination of the input variables of the probabilistic model: the reliability data, human-factor (HF) and CCF data (probability variables) and the repair times and test intervals (state change variables) of the plant components.
  7. Quantification of the probabilistic model.
  8. Evaluation of the risk results, determination of the leading risk contributions (system weaknesses) and the possible risk-reducing measures.
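Steps 5 to 8 above, carried through on a deliberately small constructed model, as an added example (not code from the article or from any of the guides it cites): a fault tree with AND/OR gates is reduced to its minimal cut sets, a common cause failure of the redundant pump pair is added with a beta-factor model, the top-event probability feeds an event tree that yields sequence frequencies, and importance measures (Fussell-Vesely and risk achievement worth, which are the "risk importances" of the evaluation section below) identify the leading risk contribution. The component names, failure probabilities, the initiating-event frequency and the beta factor are all constructed values, not data for any real plant.

```python
"""Quantification of a small PSA model: fault tree -> minimal cut sets ->
top-event probability with a common-cause term -> event-tree sequence
frequencies and importance measures. Added example: the system, the
numbers and the names are constructed and describe no real plant."""
from itertools import product
from math import prod

# Unavailability on demand of the basic events (constructed values).
Q_BASE = {
    "PUMP_A": 1e-2,   # pump A fails to start
    "PUMP_B": 1e-2,   # redundant pump B fails to start
    "VALVE": 2e-3,    # single discharge valve fails to open
}
BETA = 0.1            # beta factor for the pump group (constructed)


def apply_beta_factor(q, group, ccf_name, beta):
    """Beta-factor CCF model for identical redundant components: a fraction
    beta of each member's failure probability is moved into one common-cause
    event that fails every member of the group at once."""
    q = dict(q)
    q_member = q[group[0]]
    for member in group:
        q[member] = (1 - beta) * q_member   # independent part
    q[ccf_name] = beta * q_member           # common-cause part
    return q


def cut_sets(node):
    """Minimal cut sets of a fault tree. A node is a basic-event name or a
    (gate, [children]) tuple with gate "AND" or "OR"."""
    if isinstance(node, str):
        return {frozenset([node])}
    gate, children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":
        combined = set().union(*child_sets)
    elif gate == "AND":
        combined = {frozenset().union(*combo) for combo in product(*child_sets)}
    else:
        raise ValueError(f"unknown gate {gate}")
    # drop non-minimal sets (proper supersets of another cut set)
    return {s for s in combined if not any(o < s for o in combined)}


def p_cut(cs, q):
    return prod(q[e] for e in cs)


def p_top(cutsets, q):
    """Min-cut upper bound 1 - prod(1 - P(cs)); close to the exact value when
    the cut-set probabilities are small, and never below the rare-event sum."""
    return 1 - prod(1 - p_cut(cs, q) for cs in cutsets)


def importance(cutsets, q, event):
    """Fussell-Vesely: share of the top probability that vanishes when the
    event cannot fail. RAW: factor by which the top probability rises when
    the event is certain to fail."""
    base = p_top(cutsets, q)
    fv = 1 - p_top(cutsets, {**q, event: 0.0}) / base
    raw = p_top(cutsets, {**q, event: 1.0}) / base
    return fv, raw


def event_tree(ie_frequency, functions):
    """Enumerate every success/failure combination of the safety functions
    (treated as independent branches); returns {outcome tuple: frequency/year}."""
    seqs = {}
    for outcome in product((True, False), repeat=len(functions)):
        f = ie_frequency
        for (_, p_fail), success in zip(functions, outcome):
            f *= (1 - p_fail) if success else p_fail
        seqs[outcome] = f
    return seqs


# Fault tree "emergency cooling unavailable": the single valve, both pumps
# failing independently, or the common-cause event.
Q = apply_beta_factor(Q_BASE, ["PUMP_A", "PUMP_B"], "PUMPS_CCF", BETA)
COOLING_FAILS = ("OR", ["VALVE", ("AND", ["PUMP_A", "PUMP_B"]), "PUMPS_CCF"])
CUTSETS = cut_sets(COOLING_FAILS)


def core_damage_frequency(ie_frequency=0.1, p_operator_fails=5e-2):
    """Constructed initiating event (loss of normal feedwater, 0.1/year) with
    two safety functions; core damage is the sequence in which cooling and
    the operator's backup action both fail."""
    functions = [("COOLING", p_top(CUTSETS, Q)), ("OPERATOR_BACKUP", p_operator_fails)]
    return event_tree(ie_frequency, functions)[(False, False)]


if __name__ == "__main__":
    print("minimal cut sets:", [sorted(cs) for cs in CUTSETS])
    print(f"P(cooling fails) = {p_top(CUTSETS, Q):.3e}")
    for ev in Q:
        fv, raw = importance(CUTSETS, Q, ev)
        print(f"{ev:10s} FV={fv:.3f} RAW={raw:8.1f}")
    print(f"core damage frequency = {core_damage_frequency():.2e} /year")
```

Two things the numbers show that the step list alone does not: the common-cause event, although it carries only a tenth of one pump's failure probability, contributes more to the top event than both pumps failing independently (so leaving CCF out would understate the unavailability by about a third), and the single valve, not the redundant pumps, is the weak point of the constructed system, with a Fussell-Vesely share around 0.65 and a risk achievement worth above 300.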

Probabilistic input data

The probabilistic input variables in the PSA are:

The probabilistic input data are taken either from the operating experience of the plant under consideration (plant-specific data) or from other comparable plants (generic data). The reliability parameters obtained also serve as indicators (safety indicators) of the safety behavior of a plant, in particular with regard to systematic errors and aging processes. They give early indications of deficits and grounds for corrective measures.

Uncertainty and limits of analysis

The quantitative results of a probabilistic risk analysis are generally subject to uncertainty. The following types of uncertainty are distinguished:

Model uncertainty

The mapping of the real system in the risk model under the conditions of the incident or accident situation always represents only a rough approximation of the real processes. Simulations of accident scenarios as well as the evaluation of accident processes with similar systems serve to improve the modeling.

Data and parameter uncertainty

The reliability parameters are subject to a "statistical spread" on the one hand and a "technical spread" on the other. The "statistical spread" can be reduced by using the largest possible sample. The "technical spread" arises from the fact that the components from which the data were evaluated do not usually completely match the components under consideration in type and operating behavior. The resulting uncertainty is usually greater than the "statistical spread".
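The way plant-specific and generic data are combined, and the way the statistical spread shrinks with the sample, can be shown with a Bayesian update of a constant failure rate (Gamma prior, Poisson likelihood), the usual conjugate model for this purpose. The block below is an added example with constructed numbers; neither the numbers nor the "technical spread" discount on the generic prior come from this article or from the guides it cites, and the discount is an assumption of the example, not a rule from any standard.

```python
"""Combining generic and plant-specific reliability data by Bayesian updating
of a constant failure rate (Gamma prior, Poisson likelihood). Added example
with constructed numbers; the technical_spread discount is an assumption of
this example and not taken from any standard."""
from dataclasses import dataclass
from math import sqrt


@dataclass(frozen=True)
class GammaRate:
    """Gamma distribution over a failure rate (failures per hour); alpha acts as
    'equivalent number of failures', beta as 'equivalent operating hours'."""
    alpha: float
    beta: float

    def mean(self) -> float:
        return self.alpha / self.beta

    def relative_spread(self) -> float:
        """Standard deviation divided by mean. For a Gamma this is 1/sqrt(alpha),
        so only observed (or equivalent) failures narrow it; failure-free hours
        lower the mean but do not reduce the relative spread."""
        return 1 / sqrt(self.alpha)

    def update(self, failures: int, hours: float) -> "GammaRate":
        """Posterior after observing `failures` in `hours` of operation."""
        return GammaRate(self.alpha + failures, self.beta + hours)


def generic_prior(failures: float, hours: float, technical_spread: float = 1.0) -> GammaRate:
    """Prior built from generic data. technical_spread >= 1 divides the equivalent
    sample size to express that the generic components only partly match the
    ones under study: the mean is unchanged, the relative spread grows by its
    square root, and later plant-specific data carry more weight."""
    if technical_spread < 1:
        raise ValueError("technical_spread must be >= 1")
    return GammaRate(failures / technical_spread, hours / technical_spread)


def posterior_table(prior: GammaRate, observations):
    """Posterior mean and relative spread after each cumulative
    (failures, hours) observation of the plant itself."""
    rows = []
    for failures, hours in observations:
        post = prior.update(failures, hours)
        rows.append((hours, post.mean(), post.relative_spread()))
    return rows


if __name__ == "__main__":
    # Constructed generic data: 5 failures in 1e6 component-hours of similar pumps.
    prior = generic_prior(5, 1e6)
    discounted = generic_prior(5, 1e6, technical_spread=4)
    # Constructed plant-specific experience, cumulative over the years.
    plant_data = [(0, 5e4), (2, 2e5), (8, 8e5), (20, 2e6)]
    for label, p in (("generic prior", prior), ("discounted prior", discounted)):
        print(f"{label}: mean={p.mean():.2e}/h  spread={p.relative_spread():.2f}")
        for hours, mean, spread in posterior_table(p, plant_data):
            print(f"  after {hours:.0e} h: mean={mean:.2e}/h  spread={spread:.2f}")
```

Running it shows the two effects described above side by side: the relative spread falls from about 0.45 to 0.20 as the plant accumulates twenty failures of its own, and with the discounted prior the posterior mean moves faster toward the plant's own (higher) rate, which is the behavior wanted when the generic components are known to differ from those in the plant.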

Uncertainty due to incomplete knowledge

Experience from accidents teaches that the state of knowledge about the possible accident sequences in a complex industrial plant is usually incomplete (see the section Significant risk factors). The risk model therefore never fully reflects reality.

Risk assessment

Assessment of the absolute risk size

The overall quantitative result of the risk analysis, consisting of the probability of occurrence and the effects of the accident sequences examined, provides information about the collective and individual risks of the population in the vicinity of the facility.

The "MEM" ("minimum endogenous mortality") assessment approach is based on the minimum death rate of a person (aged 5 to 15) of 2·10⁻⁴ per year. The permissible risk should be well below this value and is set at 1·10⁻⁵ per year (European railway standard EN 50126, 1997).

In aviation, according to ARP 4761 and ARP 4754, the following probabilities must be demonstrated, depending on the severity of the effects of a failure:

  • 10⁻⁵ per flight hour for the "Major" category
  • 10⁻⁷ per flight hour for the "Hazardous" or "Severe Major" category
  • 10⁻⁹ per flight hour for the "Catastrophic" category

Comparative risk assessment

A practical evaluation of the quantitative risk results is the comparison with other industrial risks or alternative plant concepts and systems.

The GAMAB principle (Globalement au moins aussi bon, "overall at least as good"): a new system should be at least as safe and low-risk as any existing comparable system (cf. European rail standard EN 50126, 1997). In the chemical industry, the term "best practice" is used for this.

The "ALARP" principle ("As low as reasonably practicable") is derived from the principle of proportionality, according to which risk-reducing measures should be carried out as far as is reasonably practicable.

Evaluation of the risk importances

In addition to the overall quantitative result, the risk analysis provides information about the individual risk contributions (risk importances) of the plant systems and operating modes, and thus starting points for their optimization (referred to as weak point analysis).

Areas of application of the PSA

Safety reviews

In Germany, nuclear facilities have to undergo regular safety reviews. A safety review comprises three parts: a deterministic safety status analysis, a probabilistic safety analysis and a deterministic security analysis (physical protection).

Living PSA

In a risk analysis, the plant state to be analyzed is usually defined and frozen at the time of the analysis ("snapshot in time"). Subsequent changes to the plant systems or new knowledge about the data and models of the PSA are not taken into account. The task of the "Living PSA" is therefore to keep the PSA up to date over the life of a plant. It is used for the safety-related management of a plant, for evaluating planned technical changes and for training operating personnel.

Risk Informed Regulation

In the USA, the licensing and supervisory process for nuclear power plants is largely based on the PSA. The "Policy Statement of the NRC" of 1995 set the following goals:

  • Comprehensive application of the PSA in all decision-making processes for reactor safety.
  • Improvement of the risk assessment through newer knowledge from events from the reactor operation.
  • Optimizing the distribution of the available resources using risk analysis.
  • Evaluation of system-technical changes by means of risk analysis taking into account the general safety principles.
  • Improvement of the PSA tools, e.g. by creating a PSA standard.

Literature

Nuclear technology

US Nuclear Regulatory Commission (NRC) :

  • NUREG-0492, "Fault Tree Handbook", W. E. Vesely, F. F. Goldberg, N. H. Roberts, D. F. Haasl, 1981
  • NUREG/CR-2300, "PRA Procedures Guide: A Guide to the Performance of Probabilistic Risk Assessments for Nuclear Power Plants"
  • NUREG/CR-2815, "Probabilistic Safety Assessment (PSA) Procedure Guide", 1985
  • American Society of Mechanical Engineers (ASME), "Standard for Probabilistic Risk Assessment for Nuclear Power Plants (NPP) Applications," ASME RA-S-1999

International Atomic Energy Agency ( IAEA ):

  • "Development and Application of Level 1 Probabilistic Safety Assessment for Nuclear Power Plants", Specific Safety Guide Series No. SSG-3, April 27, 2010
  • "Development and Application of Level 2 Probabilistic Safety Assessment for Nuclear Power Plants", Specific Safety Guide Series No. SSG-4, May 25, 2010

Federal Office for Radiation Protection (BfS):

  • "Methods for probabilistic safety analysis for nuclear power plants", Dec. 1996, BfS-KT-16-97
  • "Data for the quantification of event sequence diagrams and fault trees", March 1997, BfS-KT-18/97

The Organization for Economic Co-operation and Development ( OECD Working Group Risk Assessment) publishes "Technical Opinion Papers" in which basic statements are made about the properties of the probabilistic safety analysis:

  • The Role of Quantitative PSA Results in NPP Safety Decision-Making
  • The Role of Living PSA in NPP Safety Decision-Making
  • Human Reliability Analysis in PSA
  • Fire Probabilistic Safety Assessment for NPP
  • Seismic PSA

Chemical, oil and gas industry

Health and Safety Executive, "Application of QRA in operational safety issues", 2002

NORSOK STANDARD Z-013 Risk and emergency preparedness analysis, September 1, 2001

American Petroleum Institute API-Publication 581, Base Resource Document - Risk-Based Inspection

OREDA - Offshore and Onshore Reliability Data Handbook

Railway industry

EN 50126: Railway applications - Specification and demonstration of reliability, availability, maintainability and safety (RAMS); German version: 1999

The international handbook on Engineering Safety Management (iESM) (replaces the "Engineering Safety Management" Yellow Book, withdrawn in 2012)

References

  1. F. R. Farmer, "Safety Criterion, Containment and Siting of Nuclear Power Reactors", Vienna, 1967.
  2. M. Ragheb, "The Risk Assessment Methodology", 2011 (archived copy, Memento of December 18, 2012 in the Internet Archive).
  3. WASH-1400: "Reactor Safety Study, an Assessment of Accident Risk in US Commercial NPP".
  4. "Fault Tree Handbook", W. E. Vesely, F. F. Goldberg, N. H. Roberts, D. F. Haasl, 1981, NUREG-0492.
  5. Society for Reactor Safety, "German Risk Study Nuclear Power Plants", Federal Minister for Research and Technology, Phase A: 1980, Phase B: 1989.
  6. "Methods for Probabilistic Safety Analysis for Nuclear Power Plants", Dec. 1996, BfS-KT-16-97.
  7. CSNI Technical Opinion Papers, No. 4: "Human Reliability Analysis in Probabilistic Safety Assessment for Nuclear Power Plants".
  8. CSNI Technical Opinion Papers, No. 1: "Fire Probabilistic Safety Assessment for Nuclear Power Plants", doi:10.1787/2581e46c-en; No. 2: "Seismic Probabilistic Safety Assessment for Nuclear Facilities".
  9. "Data for the quantification of event sequence diagrams and fault trees", March 1997, BfS-KT-18/97.
  10. OECD workshop "Reliability Data Collection", Budapest, 1998, NEA/CSNI/R(98)10, OECD/NEA, Paris.
  11. L. Bengtsson, J. Holmberg, J. Rossi, M. Kniehauer, "Probabilistic Safety Goals for Nuclear Power Plants", May 2011, NKS-226, ISBN 978-87-7893-296-9.
  12. Society of Automotive Engineers: Aerospace Recommended Practice ARP4761, "Guidelines and Methods for Conducting the Safety Assessment Process on Civil Airborne Systems and Equipment", December 1996.
  13. Society of Automotive Engineers: Aerospace Recommended Practice ARP4754, "Certification Considerations for Highly-Integrated or Complex Aircraft Systems", November 1996.
  14. "Safety of nuclear facilities", Federal Ministry for the Environment, Nature Conservation, Building and Nuclear Safety, February 1, 2010 (no longer available online; archived from the original on April 8, 2014; retrieved April 3, 2014).
  15. TÜV Nord, "4th TÜV Workshop on Living PSA Application", May 1994.
  16. OECD Nuclear Energy Agency, "State of Living PSA and Further Development", NEA/CSNI/R(99)15, Paris, July 1999.
  17. US Nuclear Regulatory Commission, "An Approach for Using Probabilistic Risk Assessment in Risk-Informed Decisions on Plant-Specific Changes to the Licensing Basis", Regulatory Guide 1.174, 1998.
  18. PSA 02: "Risk-informed decision making at nuclear facility", American Nuclear Society, International Topical Meeting on Probabilistic Safety Assessment, Detroit, Oct. 2002.
  19. "PRA Procedures Guide: A Guide to the Performance of Probabilistic Risk Assessments for Nuclear Power Plants", NUREG/CR-2300.
  20. NUREG/CR-2815, "Probabilistic Safety Assessment (PSA) Procedure Guide", 1985.
  21. American Society of Mechanical Engineers (ASME), "Standard for Probabilistic Risk Assessment for Nuclear Power Plants (NPP) Applications".
  22. IAEA, "Development and Application of Level 1 Probabilistic Safety Assessment for Nuclear Power Plants".
  23. IAEA, "Development and Application of Level 2 Probabilistic Safety Assessment for Nuclear Power Plants".
  24. HSE, "Application of QRA in operational safety issues", 2002.
  25. NORSOK STANDARD Z-013, "Risk and emergency preparedness analysis".
  26. R. J. Patel, "Risk-Based Inspection", Middle East Nondestructive Testing Conference & Exhibition, Bahrain, November 2005.
  27. "Offshore and Onshore Reliability Data Handbook".
  28. "The international handbook on Engineering Safety Management".
  29. "Engineering safety management", Office of the National Rail Safety Regulator, November 28, 2017.