-
An Application of a Modified Beta Factor Method for the Analysis of Software Common Cause Failures
Authors:
Tate Shorthill,
Han Bao,
Edward Chen,
Heng Ban
Abstract:
This paper presents an approach for modeling software common cause failures (CCFs) within digital instrumentation and control (I&C) systems. CCFs consist of a concurrent failure between two or more components due to a shared failure cause and coupling mechanism. This work emphasizes the importance of identifying software-centric attributes related to the coupling mechanisms necessary for simultaneous failures of redundant software components. The groups of components that share coupling mechanisms are called common cause component groups (CCCGs). Most CCF models rely on operational data as the basis for establishing CCCG parameters and predicting CCFs. This work is motivated by two primary concerns: (1) a lack of operational and CCF data for estimating software CCF model parameters; and (2) the need to model single components as part of multiple CCCGs simultaneously. A hybrid approach was developed to account for these concerns by leveraging existing techniques: a modified beta factor model allows single components to be placed within multiple CCCGs, while a second technique provides software-specific model parameters for each CCCG. This hybrid approach provides a means to overcome the limitations of conventional methods while offering support for design decisions under the limited data scenario.
Submitted 22 June, 2022;
originally announced June 2022.
-
Quantitative Evaluation of Common Cause Failures in High Safety-significant Safety-related Digital Instrumentation and Control Systems in Nuclear Power Plants
Authors:
Han Bao,
Hongbin Zhang,
Tate Shorthill,
Edward Chen,
Svetlana Lawrence
Abstract:
Digital instrumentation and control (DIC) systems at nuclear power plants (NPPs) have many advantages over analog systems. They are proven to be more reliable, cheaper, and easier to maintain given the obsolescence of analog components. However, they also pose new engineering and technical challenges, such as the possibility of common cause failures (CCFs) unique to digital systems. This paper proposes a Platform for Risk Assessment of DIC (PRADIC) developed by Idaho National Laboratory (INL). A methodology for the evaluation of software CCFs in high safety-significant safety-related DIC systems of NPPs was developed as part of the framework. The framework integrates the three stages of a typical risk assessment: qualitative hazard analysis and quantitative reliability and consequence analyses. The quantified risks, compared with their respective acceptance criteria, provide valuable insights for system architecture alternatives, allowing design optimization in terms of risk reduction and cost savings. A comprehensive case study performed to demonstrate the framework capabilities is documented in this paper. Results show that PRADIC is a powerful tool capable of identifying potential digital-based CCFs, estimating their probabilities, and evaluating their impacts on system and plant safety.
Submitted 7 April, 2022;
originally announced April 2022.
-
An Integrated Risk Assessment Process of Safety-Related Digital I&C Systems in Nuclear Power Plants
Authors:
Hongbin Zhang,
Han Bao,
Tate Shorthill,
Edward Quinn
Abstract:
Upgrading the existing analog instrumentation and control (I&C) systems to state-of-the-art digital I&C (DIC) systems will greatly benefit existing light-water reactors (LWRs). However, the issue of software common cause failure (CCF) remains an obstacle in terms of qualification for digital technologies. Existing analyses of CCFs in I&C systems mainly focus on hardware failures. With the application and upgrading of new DIC systems, design flaws could cause software CCFs to become a potential threat to plant safety, considering that most redundancy designs use similar digital platforms or software in their operating and application systems. With complex multi-layer redundancy designs to meet the single failure criterion, these I&C safety systems are of particular concern in U.S. Nuclear Regulatory Commission (NRC) licensing procedures. In Fiscal Year 2019, the Risk-Informed Systems Analysis (RISA) Pathway of the U.S. Department of Energy (DOE) Light Water Reactor Sustainability (LWRS) Program initiated a project to develop a risk assessment strategy for delivering a strong technical basis to support effective, licensable, and secure DIC technologies for digital upgrades and designs. An integrated risk assessment for the DIC (IRADIC) process was proposed for this strategy to identify potential key digital-induced failures, implement reliability analyses of related digital safety I&C systems, and evaluate the unanalyzed sequences introduced by these failures (particularly software CCFs) at the plant level. This paper summarizes these RISA efforts in the risk analysis of safety-related DIC systems at Idaho National Laboratory.
Submitted 16 December, 2021;
originally announced December 2021.
-
A Redundancy-Guided Approach for the Hazard Analysis of Digital Instrumentation and Control Systems in Advanced Nuclear Power Plants
Authors:
Tate Shorthill,
Han Bao,
Hongbin Zhang,
Heng Ban
Abstract:
Digital instrumentation and control (I&C) upgrades are a vital research area for the nuclear industry. Despite their performance benefits, deployment of digital I&C in nuclear power plants (NPPs) has been limited. Digital I&C systems exhibit complex failure modes, including common cause failures (CCFs), which can be difficult to identify. This paper describes the development of a redundancy-guided application of Systems-Theoretic Process Analysis (STPA) and Fault Tree Analysis (FTA) for the hazard analysis of digital I&C in advanced NPPs. The resulting Redundancy-guided System-theoretic Hazard Analysis (RESHA) is applied to the case study of a representative state-of-the-art digital reactor trip system. The analysis qualitatively and systematically identifies the most critical CCFs and other hazards of digital I&C systems. Ultimately, RESHA can help researchers make informed decisions about how, and to what degree, defensive measures such as redundancy, diversity, and defense-in-depth can be used to mitigate or eliminate the potential hazards of digital I&C systems.
Submitted 5 May, 2020;
originally announced May 2020.