CCF Methodology and CCF of support system initiating events

SEE FULL VERSION
AProbabilistic Safety Analysis (PSA) is a probabilistic study that, through a model that reflects the behaviour of a power plant, makes possible to establish the expected core damage frequency or the radioactive products release frequency of the plant. The design of the plant, its procedures and its operating practice is analysed to develop this model.

Dependent failure is the related failure of several components due to the same demand or within a time interval for the same cause.

Common Cause Failure (CCF) is a dependent failure in which the components fail from a “residual” shared common cause not accounted for in the models.

The basic defences against CCF are redundancy, functional separation, physical separation, diversity, and separation in time (equipment replacement or staggered testing). There are defensive measures at the plant itself: suitable monitoring and maintenance, quality control, auxiliar and operator training, qualified equipment usage, etc.

In the early 1980s, a lot of research have been done in the area of CCF. EPRI published a database of NPP CCF events in 1985 (EPRI TR-100382). In 1988, the NRC and EPRI published “Procedures for Treating Common Cause Failures in Safety and Realiability Studies.”

In the ANAV PSA, the EPRI TR-100382 was used, applying the parametric model of the Multiple Greek Letters.

The NRC and INL developed a procedure for the CCF collection and analysis, and a computer system for the storage and analysis of events. The database is located on the NRC website and it is identified as CCFParameterEstimates followed by the year of the analysis upper cutoff date, with estimations for the “α-factor” and “Multiple Greek Letter” methods.

ANAV considered using this data source more updated and, due to the advantages of the α-factor, method over the MGL (had better model to deal with k-of-m component probabilities, adequate treatment of uncertainty, and less complexity for the consideration of staggered or non-staggered tests), it was decided to migrate from methodology to α factors. The Risk Spectrum program used to quantify the PSA models is set up to calculate directly CCF probabilities/rates by inputting these factors.

Another important issue was the running CCF in initiating events by estimating the frequency of supported systems with alternating trains. It was considered the possibility that the running train failed and then, when the redundant one in standby starts it could fail for the same cause. However, it did not seem reasonable to assume the same status in those teams. Such an unlikely situation could alter the results of the PSA.

EPRI, in 2021, published TR 3002020764, and analysed this issue: in 2952 reactor-years, 5 events of total or partial loss of service water occurred. None of them involved running components and on standby. The conclusion was that there was strong evidence in operating experience (zero CCF events in 25,900,000 hours) to reject the application of this kind of CCF in a model that represents a initiating event supported system. Additionally, it is defined as two active modes, but distinct failure, failure to run during the mission time after a successful demand, and the failure of components normally running to keep on running. In both cases, it is a failure to run, but the conditions are completely different.

Because of the EPRI analysis, ANAV decided to suppress in the initiating event models of supported systems this kind of common cause failures.

¡Recibe nuestra newsletter!

    The data provided by you is processed by the Spanish Nuclear Society in accordance with EU Regulation 2016/679 on Data Protection, with the purpose of managing your requests, answering queries, administrative, statistical processing and sending SNE communications, about your activity, events, etc. The transfer of data is not foreseen (unless legally required) or international data transfers; and through the Privacy Policy you have all the rights that assist you in terms of privacy.