PSAs are being used in various regulatory applications in all Member States with CANDU-type reactors. Sharing information on PSA applications to risk-inform various aspects of NPP operation is viewed as beneficial towards harmonizing approaches across Member States. In this regard, there are two major elements: (i) the development of probabilistic goals; and, (ii) development of the guidelines for use in risk informed decision making. Hence, it was recognized that apart from other harmonization issues, the CPWG needs to collect and compare
the information on different probabilistic measures, which are used in the CPWG Member States for different PSA applications.
This Section presents the results of the CPWG tasks 2010-09/2010-05, the objective of which was to collect information on the procedure and methods for PSA applications as well as numerical acceptance guidelines for PSA results. A survey was circulated across Member States with CANDU-type reactors to consider the PSA applications mentioned in IAEA-TECDOC-1200, Applications of PSA for NPPs [9] with only responses provided by Argentina, Pakistan and India.
In addition, this section provides information on the software tools used for the development of level 1 PSA models among the CPWG Member States.
4.1. RISK METRICS
There is variability between Member States in the regulatory framework for specifying time-averaged safety goals for probabilistic risk metrics and on the scope of PSA (level 1 versus level 2 versus level 3). In all cases, the time-averaged PSA risk metrics reflect a best estimate approach, which is interpreted that risk metrics are generally expressed as an arithmetic mean value. In terms of applying time-averaged probabilistic risk metrics to the definition of individual system unavailability targets, predefined target values for special safety systems (shutdown systems, containment, and emergency core cooling) have generally been defined at 1E-03 years/year. There appears to be little consensus on application of PSA for defining the target of other modelled mitigating systems4.
The scope and quality of a PSA determines the applications to which it can be applied (Ref. [4]). If the quality of the PSA is limited, how and to what applications the probabilistic risk metrics may be applied undergoes scrutiny to ensure insights from the PSA are appropriately weighed and that uncertainties in the PSA are not driving decision making.
Provided that sufficient quality and scope of a PSA is assured, the probabilistic measures of primary importance include severe core damage frequency (SCDF), large (early) release frequency (LRF or LERF), and individual mitigating system unavailability targets that may be established. Often, these measures are applied to, but are not limited to:
• defining or optimizing test and surveillance intervals included in technical specifications or plant programs;
• defining allowable outage times through risk monitors or assessments by applying instantaneous risk thresholds or criteria when equipment is removed from service;
• supporting graded approaches to define the scope of deterministic safety analysis;
• identifying and categorizing initiating events;
• defining operator action times and end states in case of unplanned equipment failure;
• evaluating risk impact as part of operational events precursor analysis;
• supporting reliability-centred maintenance processes.
Where Member State regulatory processes also require compliance with quantitative health objectives via level 3 PSA (limited or full scope), applicable probabilistic measures may also include individual early or late fatality risk, assurance that predicted cancer rates fall within
4 Note that although not included in the survey responses, one NPP in Canada has followed a methodology for defining individual system unavailability targets directly from the PSA, which has received regulatory acceptance.
some percentage of background rates, or some other variation of this requirement, depending on specific regulatory objectives for a Member State. Such probabilistic measures can be utilized to assist in emergency planning and in support of environmental risk assessment.
4.2. SOFTWARE TOOLS FOR LEVEL 1 PSA
A number of verified and validated computer codes and software packages are currently used for performing PSA in CPWG Member States. Typically, an integrated software package is used in the level 1 PSA analyses for the development and storage of system models, accident sequence models, failure data, and accident sequence quantification. Other computer codes are used to ensure deterministic support for the PSA models (e.g. TH calculations to support success criteria analysis). The summary of the computer codes used for the development of level 1 PSA models among the CANDU-type operating countries are presented in Table 6.
TABLE 6. COMPARISON OF LEVEL 1 PSA TOOLS
MEMBER STATE COMPUTER CODE USED FOR LEVEL 1 PSA VERIFICATION/VALIDATION STATUS
Argentina RISK SPECTRUM Verified and validated by Lloyd's Register
Consulting
Canada CAFTA, FTREX, ACUBE, FRANX Verification and validation of the codes is done by EPRI and vendors prior to use of a new code version
China CAFTA Same as Canada above
India RISK SPECTRUM The regulatory requirement is brought in
AERB safety guides Republic of Korea AIMS PSA (quantification engine: FTREX) by
regulatory body and the utility uses SAREX (quantification engine: FORTE) for level 1 PSA
Verified and validated by vendor KAERI and KEPCO E&C
Pakistan RISK SPECTRUM Same as Argentina above
Romania CAFTA Same as Canada above
4.3. OBSERVATIONS
In general, all Member States with CANDU-type reactors that responded to the survey apply similar probabilistic measures to support PSA applications such as SCDF, LRF, LERF or system unavailability targets. Some Member States also require probabilistic risk metrics applicable to level 3 PSA.
The definition of system unavailability targets for specific safety systems is consistent;
however, the Canadian methodology of defining unavailability targets for other mitigating systems directly from PSA using time-based probabilistic measures can be shared.
While instantaneous probabilistic measures can be applied to determine AOT, there is an opportunity to provide a consistent definition of instantaneous risk threshold across all Member States operating CANDU-type reactors such that all CANDU-type reactors are controlling acceptable operational risks in a similar manner.
In terms of software tools, it could be concluded that CPWG Member States mostly use Risk Spectrum and CAFTA. The Republic of Korea uses different computer software called AIMS PSA and SAREX. The Member States indicated that the computer codes used for PSA are validated by the vendors and users.