Proceedings of the Eighth International Conference on Probabilistic Safety Assessment & Management (PSAM)
226 Determining Risk-Balanced Allowed Outage Times for Loviisa Power Plant (PSAM-0394)
Download citation file:
- Ris (Zotero)
- Reference Manager
As a part of risk-informed reviewing of Technical Specifications (TS) a method for determining risk-balanced allowed outage times (AOT's) was developed for Loviisa PWR (VVER440). The method was tentatively applied to the emergency core cooling system including hydro accumulators and low pressure injection and recirculation.
Two different risk measures were considered to be interesting in studying AOT's. Firstly, the AOT-specific additional risk and secondly, the average additional yearly risk. Both risk measures are important to keep the momentary risk and the average risk at acceptable levels. The AOT-specific risk increase and the average yearly risk increase were required to stay within predetermined bounds. The longest outage time, that satisfies both constraints, was then determined as the risk-balanced AOT.
The predetermined bounds were determined from the existing TS. The method chosen to determine the risk bounds was found to have a major effect on the values of the bounds and further on the length of the risk-balanced AOT. In actual applications the bounds should be determined as a result of deductive reasoning.
All failures modeled in the plant-specific probabilistic safety assessment as basic events and addressed in TS, were classified into one of the four AOT classes ranging from immediate shutdown to three weeks. Using three different sets of risk bounds new risk-balanced AOT's were determined for the failures. Sensitivity studies revealed that the risk-balanced AOT's are more sensitive to the AOT specific risk bound than to the average additional yearly risk.
The existing AOT's were not found to be balanced according to their risk impact. This became apparent when considering the average of the risk increase factors (RIF's) in the four AOT classes. Risk-balancing classifies events with similar risk importances into the same AOT classes. The existing TS are not risk-based and it can be seen in the fact that the current classification has events with significantly different risk impacts in the same AOT classes. Furthermore, the risk-balanced classification resulted, on the average, in longer AOT's than in the existing TS.
Not knowing how AOT's affect actual repair times causes uncertainties. As long as the results are only used for studying the risk-balance of the TS, an assumption of a linear relationship between repair times and AOT's can be made validating the results presented here. Other uncertainties in this pilot study came from assuming common cause failures independent of single failures. Shutdown risk was not considered on a failure specific basis. In stead a conservative proposition for the AOT-specific risk bound was made based on shutdown risk. Also the simplifications of the PSA model can have a major effect on the risk-balanced results, unless they can be identified and dealt with appropriately.
This methodology was found useful and the study is planned to be expanded to cover the whole plant. In the future the methodology will be enhanced and it will be upgraded to take into consideration also the risk of shutdown with a failed component. The whole PSA is also undergoing developments that will lead to the modeling of partial common cause failures. The described method shows that using risk-informed methods in reviewing TS may lead to lower risk and less stringent regulation. Further research on the effect of the AOT on actual repair times is planned.