This invention relates to nuclear power plants and in particular to a safety monitoring and evaluation system for such plants.
The prior art, as represented by U.S. Pat. No. 4,330,367, SYSTEM AND PROCESS FOR THE CONTROL OF A NUCLEAR POWER SYSTEM, includes on-line, computer-implemented safety monitoring and protection systems. Such systems monitor the status of the plant parameters, identify changes, determine whether the changes require protective action, and initiate necessary protective action early enough during a transient, so that the limit is not violated at any time during the transient. Such a system takes the condition of the plant as a given, and is not used on-line as a tool for plant safety management.
Recently, the nuclear regulatory authorities and the nuclear industry have been interested in managing plant safety by evaluating plant operating experience to obtain a quantitative data base of incidents that decrease the safety margin in the plants. Two major programs established for this purpose were sponsored by the Nuclear Safety Evaluation Center (Significant Event Evaluation and Information Network, NSAC Program Description, Draft Revision One, Nov. 18, 1980) and the Nuclear Regulatory Commission's Office for Analysis and Evaluation of Operational Data, which is described in "New Trends in the Evaluation and Implementation of the Safety-Related Operating Experience Associated with NRC-Licensed Reactors", Nuclear Safety, Volume 22, No. 1, January-February 1981. These programs employ an initial screening procedure to assign a level of significance to each reported event. Both are based on manual comparison of event characteristics with a set of qualitative criteria. While the disposition of events classified as significant varies according to the function of the screening organization, the criteria of both organizations are designed to identify events that pose the highest risk to the public and plant. One important subset of these events is that representing the greatest increase in the probability of significant core damage. A quantitative measure of the magnitude of the increase is a direct measure of event significance.
The probability of significant core damage is typically determined using the fault tree-event tree modeling methodology as described in "Reactor Safety Study, An Assessment of Accident Risks in U.S. Commercial Nuclear Power Plants", NUREG-75/014, WASH 1400, October 1975. The change in the probability that results when a particular component is known to be in the failed state can be calculated by removing the probability of that component working from all of the fault trees in which it occurs and reevaluating the entire model.
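The re-evaluation described above can be shown on a small model; this is an added example, not part of the patent text. The two-train layout, the component names and the failure probabilities are constructed for illustration, and the top-event probability is computed exactly by enumerating component states.

```python
from itertools import product

# Constructed model (not from the patent): a gate is (op, [children]) with op
# "AND" or "OR"; a leaf is a basic-event name. Core damage requires losing both
# cooling trains, and both train fault trees contain the shared generator "DG".
CORE_DAMAGE = ("AND", [
    ("OR", ["PUMP_A", "DG"]),  # train A unavailable
    ("OR", ["PUMP_B", "DG"]),  # train B unavailable
])
FAIL_PROB = {"PUMP_A": 0.01, "PUMP_B": 0.02, "DG": 0.05}  # constructed values


def occurs(node, state):
    """Evaluate the gate logic for one assignment of failed/working events."""
    if isinstance(node, str):
        return state[node]
    op, children = node
    results = [occurs(child, state) for child in children]
    return all(results) if op == "AND" else any(results)


def top_probability(tree, probs, known_failed=()):
    """Exact top-event probability, enumerating every basic-event state so a
    component repeated across fault trees is counted consistently."""
    p = dict(probs)
    for name in known_failed:
        if name not in p:
            raise KeyError(f"unknown component: {name}")
        p[name] = 1.0  # the chance of this component working is removed
    names = sorted(p)
    total = 0.0
    for bits in product((False, True), repeat=len(names)):
        state = dict(zip(names, bits))
        if occurs(tree, state):
            weight = 1.0
            for n in names:
                weight *= p[n] if state[n] else 1.0 - p[n]
            total += weight
    return total


def rank_by_increase(tree, probs):
    """Components ordered by the increase in top-event probability when failed."""
    base = top_probability(tree, probs)
    deltas = {n: top_probability(tree, probs, [n]) - base for n in probs}
    return sorted(deltas.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    print(f"baseline: {top_probability(CORE_DAMAGE, FAIL_PROB):.5f}")
    for name, delta in rank_by_increase(CORE_DAMAGE, FAIL_PROB):
        print(f"{name} failed: +{delta:.5f}")
```

State enumeration grows as 2^n in the number of basic events, so it only suits small models like this one.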
The above-described techniques, and known modifications thereto, are directed either toward immediate evaluation and protection associated with adverse transients in progress, or toward assessing the significance of an incident or accident after it has occurred. To some extent, these prior art techniques provide input to design improvements for new plants or for future modifications of existing plants. The prior art does not, however, suggest formal risk assessment techniques for managing plant operating risks to minimize the probability of the occurrence of significant events or to maximize the effectiveness of actions taken during the course of such events.