Sin ttulo de diapositiva - PowerPoint PPT Presentation

1 / 33
About This Presentation
Title:

Sin ttulo de diapositiva

Description:

IAEA Safety Guide C.S. 50-SG-D1 (Safety functions and component classification ... Example: FOUR TRAINS / FOUR VOTERS (2oo4) / FAL 2oo4 Passive Failures ... – PowerPoint PPT presentation

Number of Views:88
Avg rating:3.0/5.0
Slides: 34
Provided by: Gom14
Category:

less

Transcript and Presenter's Notes

Title: Sin ttulo de diapositiva


1
Redundancy and Diversity in CAREM First Reactor
Protection System (FRPS) design
Common-Cause Failures in Digital Instrumentation
and Control Systems of Nuclear Power Plants 19 to
21 June 2007 Bethesda, Maryland, USA

Lorenzo, G. - Fittipaldi, A. - Azcona, A. -
Maciel, F. Gerencia de Energía
Nuclear Comisión Nacional de Energía Atómica
(CNEA) - Argentina
2
CAREM RPS Overview of the Design Requirements
In order to establish the requirements for CAREM
Reactor Protection System the following standards
/ recommendations were considered at design stage
Standard AR 3.4.1. Protection System and Related
Instrumentation with Safety of NPP. (Nuclear
Regulatory Body of Argentina). Standard AR 3.4.2.
Shutdown System for NPP (Nuclear Regulatory Body
of Argentina). IAEA Safety Guide C.S. 50-SG-D1
(Safety functions and component classification
for BWR, PWR and PTR) IAEA Safety Guide C.S.
50-SG-D3 (Protection system and related features
in nuclear power plants) International Standards
(IEEE, IEC, etc, for specific requirements)
3
CAREM RPS Overview of CAREM Shut-down system
  • First Shut-down System
  • Actuation elements neutron absorbing rods
    dropped by action of gravity
  • First Reactor Protection System Qualified
    digital IC platform
  • Design requirements
  • Fulfillment of the considered standards /
    recommendations
  • High FRPS RELIABILITY with proper rejection to
    spurious actuations (high REACTOR
    AVAILABILITY)
  • Cost effective architecture
  • Second Shut-down System
  • Actuation element gravity-driven injection of
    borate water at high pressure
  • Second Reactor Protection System Hardware based
    system

4
CAREM FRPS Overview of the System Architecture
Hardware implemented
Ti Set of signals of Train i (i 1, 2, 3 and
4) APU Acquisition and Processing Unit VU
Voting Unit FAL Final Actuation Logic
  • Redundancy
  • Four redundant Trains
  • Two Voting Units (2oo4)
  • Final Actuation Logic (1oo2)

Communication Channels
  • Diversity
  • Different technologies for field sensors (HART
    4-20mA)

Single Train

5
CAREM FRPS Redundancy level in Voting Units
  • Motivation of the analysis
  • To establish an OPTIMAL number of Voting Units
    redundancies without penalizing the FRPS
    Reliability figure.

Two options were examined
Procedure Assessment of both architectures by
means of two-dimensional Markov chains regarding
both aspects, FRPS Reliability and REACTOR
Availability
6
CAREM FRPS Redundancy level in Voting Units
Brief introduction to Markov chains
A Markov model is a tool which provides the
capability to represent various system states
(success or failures) and component failure
dependency (or failure sequence). The basic
assumption in a Markov model is that the state
transitions are memory-less, this means that the
transition probabilities are determined only by
the initial and final state Example Markov model
for a single repairable component
Transition probabilities
S0 Success state S1 Failure state
6
7
CAREM FRPS Redundancy level in Voting Units
Brief introduction to Markov chains
A Markov model is a tool which provides the
capability to represent various system states
(success or failures) and component failure
dependency (or failure sequence). The basic
assumption in a Markov model is that the state
transitions are memory-less, this means that the
transition probabilities are determined only by
the initial and final state Example Markov model
for a single repairable component
Simplified representation
S0 Success state S1 Failure state
6
8
CAREM FRPS Redundancy level in Voting Units
Brief introduction to Markov chains Achieving a
model solution
Markov chains resolution was performed by the
code CARMS V1.1 (Computer Aided Rate Modeling and
Simulation). CARMS code has been developed by
Minnesota University and it is a
free-distribution software
6
9
CAREM FRPS Redundancy level in Voting Units
Brief introduction to Markov chains Achieving a
model solution
Markov chains resolution was performed by the
code CARMS V1.1 (Computer Aided Rate Modeling and
Simulation). CARMS code has been developed by
Minnesota University and it is a
free-distribution software
Regarding the previously introduced example
CARMS representation
S0 Success state S1 Failure state
Differential equations
Analytical solution
6
10
CAREM FRPS Redundancy level in Voting Units
Brief introduction to Markov chains Achieving a
model solution
Markov chains resolution was performed by the
code CARMS V1.1 (Computer Aided Rate Modeling and
Simulation). CARMS code has been developed by
Minnesota University and it is a
free-distribution software
Regarding the previously introduced example
CARMS solution (non symbolic)
S0 Success state S1 Failure state
Differential equations
Analytical solution
6
11
CAREM FRPS Redundancy level in Voting Units
  • Background definitions
  • Active failure This type of failure is DETECTED
    (exposed failure) by the FRPS and implies the
    REACTOR unavailability
  • Passive failure This type of failure is NOT
    DETECTED (non exposed failure) by the FRPS and
    implies the FRPS unreliability
  • Main considerations for the analysis by means of
    two-dimensional MARKOV chains
  • Abscissas axis field information Channels (c)
    (i.e. sensors set, APU stage and Communication
    link with VU, all embedded)
  • Ordinate axis Voting Units (v).
  • Nomenclature adopted for each state
  • number of unavailable voters / number of
    unavailable channels


12
CAREM FRPS Redundancy level in Voting Units
  • Main considerations for the analysis by means of
    two-dimensional MARKOV chains (cont.)
  • Modeling hypothesis
  • Statistic independence between states
  • Failure rates (lc and lv) constants (time
    independent)
  • Repair rates (mc and mv) constants (time
    independent)
  • FRPS initial state 0/0 (i.e. the probability
    of this state at t0 is equal to 1)
  • Intermediate transitions of the type 0/0 to
    3/0 due to common cause failures will not be
    taken into account in the following analysis


13
CAREM FRPS Redundancy level in Voting Units
  • Motivation of the analysis
  • To establish an OPTIMAL number of Voting Units
    redundancies without penalizing the FRPS
    Reliability figure.

OPTION 1 FOUR TRAINS / FOUR VOTERS (2oo4) / FAL
2oo4

14
CAREM FRPS Redundancy level in Voting Units
OPTION 1 FOUR TRAINS / FOUR VOTERS (2oo4) / FAL
2oo4
Markov Diagram regarding PASSIVE failures
Markov Diagram regarding ACTIVE failures

15
CAREM FRPS Redundancy level in Voting Units
  • Motivation of the analysis
  • To establish an OPTIMAL number of Voting Units
    redundancies without penalizing the FRPS
    Reliability figure.

OPTION 2 FOUR TRAINS / TWO VOTERS (2oo4) / FAL
1oo2

16
CAREM FRPS Redundancy level in Voting Units
OPTION 2 FOUR TRAINS / TWO VOTERS (2oo4) / FAL
1oo2
Markov Diagram regarding PASSIVE failures
Markov Diagram regarding ACTIVE failures

17
CAREM FRPS Redundancy level in Voting Units
  • About the evaluation method proposed
  • The objective was to obtain QUALITATIVE results
    (i.e. in which condition both architectures give
    similar RELIABILITY figures) based on a
    quantitative method, by making an
    inter-comparison among the selected architectures
  • The figures employed in the procedure were
    derived from engineering judgment

With both Failures Rates, a single Reliability /
Availability value for Case I is obtained
Parametric analysis

18
CAREM FRPS Redundancy level in Voting Units
Calculation procedure regarding PASSIVE failures
Modeling by means of CARMS code
Calculation of Mean Unavailability
Selection of lC and lV
from contribution of all failure states (red
color) of the corresponding Markov chains
Calculation procedure regarding ACTIVE failures
Calculation of Asymptotic Unavailability
Modeling by means of CARMS code
Selection of lC and lV
(Steady-State value)

19
CAREM FRPS Redundancy level in Voting Units
RESULTS OBTAINED PASSIVE FAILURES

20
CAREM FRPS Redundancy level in Voting Units
Results obtained PASSIVE failures

21
CAREM FRPS Redundancy level in Voting Units
Results obtained PASSIVE failures

22
CAREM FRPS Redundancy level in Voting Units
Results obtained PASSIVE failures

23
CAREM FRPS Redundancy level in Voting Units
Results obtained PASSIVE failures

24
CAREM FRPS Redundancy level in Voting Units
Results obtained PASSIVE failures
In this case both configurations give the same
FRPS Reliability figures

25
CAREM FRPS Redundancy level in Voting Units
RESULTS OBTAINED ACTIVE FAILURES

26
CAREM FRPS Redundancy level in Voting Units
Results obtained ACTIVE failures

27
CAREM FRPS Redundancy level in Voting Units
Results obtained ACTIVE failures

28
CAREM FRPS Redundancy level in Voting Units
Results obtained ACTIVE failures

29
CAREM FRPS Redundancy level in Voting Units
Results obtained ACTIVE failures

30
CAREM FRPS Redundancy level in Voting Units
Results obtained ACTIVE failures
Reactor unavailability reasonably low (two orders
below the FRPS reliability target)

31
CAREM FRPS Capability for Multiple Failures
analysis
Example FOUR TRAINS / FOUR VOTERS (2oo4) / FAL
2oo4 Passive Failures
Multiple failures inclusion in VU and Channels

32
CAREM FRPS Conclusions
Both configurations examined provides almost the
same FRPS reliability figures when lVUlt lC (equal
reliability figures were obtained when lVUltlt lC).
This analysis supports the preliminary selection
of TWO Voting Units prior to FAL.
In case of the REACTOR availability analysis,
from the qualitative point of view, only same
trends (regarding the FRPS reliability analysis)
were verified. As a quantitative screening, if
conservatively lVU is set up in 10-5 (for
instance a parts count of ten items, each one of
them with FR 10-6) a REACTOR availability of
10-5 is obtained, which is two magnitude orders
lower than the FRPS reliability target.
Markov diagrams provides a proper tool for
multiple failure analysis, since they can be
included inherently in the model, allowing the
consideration of any desired failure
multiplicity.
33
References
1 Análisis de Confiabilidad del 1º Sistema de
Protección del Reactor CAREM. Comparación entre
arquitecturas con 4 o 2 votadores. Alejandro
Robert. CAREM project technical report 2
Requerimientos del Sistema de Protección del
Reactor. CAREM project technical report 3
Arquitectura del Sistema de Protección del
Reactor. CAREM project technical report 4
Modeling for Reliability Analysis.
Pukite-Pukite, IEEE PRESS, 1998 5
http//www.tc.umn.edu/puk/carms.htm 6
Confiabilidad de Sistemas Electrónicos. José Luís
Roca. Ed. Nexus, 2001
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Sin ttulo de diapositiva" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!