Reliability analyses of PWR safety systems by the GO-FLOW...
Transcript of Reliability analyses of PWR safety systems by the GO-FLOW...
PWR safety systems
IWNSST17:T.MATSUOKA, Utsunomiya University
Reliability analyses of PWR safety systems by the GO-FLOW methodology
Takeshi MATSUOKA
Utsunomiya University, Japan College of Nuclear Science and Technology,
Harbin Engineering University
Introduction PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
In this presentation, the reliability or availability of AP1000 passive safety systems are evaluated by the GO-FLOW methodology, and compared with active safety systems of conventional PWR plants. AP1000 has passive safety systems and they have dynamical characteristics, and make phased mission problems. The GO-FLOW methodology is well adopted to analyze dynamical system behavior and phased mission problems. Also important information could be obtained by the common mode failure and uncertainty analyses.
AP1000 PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
The AP1000 employs passive safety systems, in order to provide significant improvement in plant safety design. A passive safety system is defined as a safety system which operation is only relied on passive components. A passive component does not require any external input or energy for its operation, and only relies on natural physical laws ( gravity, natural circulation, conduction, etc ). The AP1000 safety systems have two main systems, passive core cooling system ( PXS ) and passive containment cooling system ( PCCS ).
AP1000 passive safety systems PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Passive containment cooling system ( PCCS ) --- there are two modes of operations. Passive core cooling system ( PXS ) --- there are five modes of operations. ① Passive safety injection system ( PSIS ) ② Automatic depressurization system ( ADS ) --- there are four stages. ③ Passive residual heat removal system ( PRHRS )
PWR safety systems
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Containment spray system ( CSS ) --- sensitivity analysis, --- uncertainty analysis, --- common cause failure analysis Emergency core cooling system ( ECCS ) *) They are active safety systems, that is, they have active components as water injection pump, motor operated valve, and so on.
Structure of AP1000 - PXS PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Sub systems of PXS 1. Two core makeup tanks (CMTs) provide relatively high flow borated water in a
long time at any pressure. 2. Two pressurized accumulators (ACCs) provide high flow borated water to the
reactor vessel in a short time interval. 3. An in-containment refueling water storage tank (IRWST) provides low flow
borated water in a longer time after system pressure drops to near the containment pressure.
4. A passive residual heat removal system (PRHRS) with C-shape tubes heat exchanger is located inside the IRWST.
5. The automatic depressurization system (ADS) consists of two trains of depressurization valves with the first three stages (1, 2, 3) coming from the pressurizer and fourth-stage valves coming from hot legs. During the LOCA, these valves open subsequently to provide a controlled depressurization rate of the primary system.
6. A recirculation sump that collects the water discharged from the primary system and steam that condenses within the containment.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Single loop model of AP1000 PXS system PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Component symbols used in models of PXS and PCCS
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Normally open motor operated valves
Check valves
Squib valve
Air Operated valves
Isolation valves
Closed motor
operated valves RCS Pressure sensor
Containment pressure sensor
Low lever water sensor
Signal for injection phase Signal for recirculation
phase Signal for ADS system Valve & pump Close signal
Pump
Break point
Reactor trip signal
Containment temperature sensor
Containment temperature signal
Transient behavior of AP1000 PXS system during LBLOCA
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Start, Stop , Ø Empty TIME LINE (sec)
Reactor Trip
SG ValveMain Steam Isolation ValveRCP tripCMTV015AV014APRHR HXV108A/BAccumulators V028AV029AADS1V001A/BV011A/BADS2V002A/BV012A/BADS3V003A/BV013A/BADS4V004a/b/c/dV014a/b/c/dIRWSTV123AV125ASumpV117AV118AV119AV120A
67.5% of CMT level
20% of CMT level
Break
Blowdown phase
Refill/Reflood Phase
ADS blow-down phaseIRWST gravity injection
phase
ACC injection End
CMT empty
15.5Mpa
12.41 Mpa
11.72Mpa
4.83Mpa
3.44Mpa
2.06Mpa
0.68Mpa
0.34Mpa
0.17Mpa
0.068Mpa
RC
S Pr
essu
re (M
Pa)
11.72 Mpa
4.83 Mpa
IRWST low -3 level
RCS Pressure (MPa)
Continues for recirculation phase
0.0 4.2 85 450 750 1491 1800 2000 3600………...
Recir-sump long term cooling phase
0.0 2.0 2.2 3.2 4.2 11.2 12.4 85 450 750 820 940 1491 1800 1900 2000 3600……...
Continues until reactor reached at cold standby state
Change of mode from injection to recirculation
Start of accident
ØØ
Ø
RCS Pressure without ADS actuation
Ø
GO-FLOW chart of AP1000 passive core cooling system
PWR safety systems
Success probability and failure rate of AP1000 PXS and PCCS components PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Components of PXS and PCCS Success probability
(per demand)
Failure rate
(sec) λo, λc
Components Success probability
/per demand
Failure rate
(sec) λo, λc
V014A, V015A Pg=0.999 1.00×10-6 IRWST Pg =0.999999 1.00×10-5
V016A,V017A Pg=0.99999 1.00×10-8 Sump Pg= 0.999999 1.00×10-5
V028A Pg=0.9982480 2.00×10-7 V121A Pg=0.99, Pp=0.00 1.00×10-6
V029A Pg=0.9982480 2.00×10-7 V123A,V125A Pg=0.99, Pp=0.00 1.00×10-5
V027A Pg=0.999992 1.00×10-8 V122A,V124A Pg=0.98, Pp=0.00 2.00×10-7
Accumulator-1 Pg=0.9999 1.00×10-5 V117A Pg=0.99, Pp=0.00 1.00×10-6
Core Makeup Tank-1
CMT open & close action
Pg=0.99, Po=1.00
Pc=1.00, Pp=1.00
1.00×10-5 V118A,V120A Pg=0.99, Pp=0.00 1.00×10-5
ACC-1 exhausted Pg=1.00 V119A Pg= 0.98, Pp=0.00 2.00×10-7
PRHR- HX Pg=0.999 1.00×10-8 RCP Pg= 0.99 1.00×10-5
V108A/B Pg=0.98, Pp= 0.00 1.00×10-6 ADS-4 V014a/b/c/d Pg= 0.98 1.00×10-5
ADS-1V001A/B, V011A/B Pg=0.97 1.00×10-5 ADS-4 V004a/b/c/d Pg= 0.99 1.00×10-4
ADS-2 V002A/B,V012A/B Pg=0.97 1.00×10-5 Pressurizer tank Pg= 0.99999 1.00×10-5
ADS-3 V003A/B,V013A/B Pg=0.97 1.00×10-5 HOT leg steam Pg= 0.9999 1.00×10-6
PCS-V002A/B/C Pg=0.99 1.00×10-5 PCS-V001A/B Pg= 0.999 1.00×10-6
PCS-V001C Pg=0.99 1.00×10-5 PCCWST Pg= 0.99999 1.00×10-5
Analysis results PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
The design of ADS of AP1000 consists of four stages depressurization valves that open sequentially.
ADS system
CLCL
HL
HL
DVI LINE 1
IRWST Screen (1 of 2)
Sump
IRWST
PRHR HX
4th Stage ADS (1)
Pressurizer
Accumulator
Core Makeup Tank (CMT)
N2
V001A
V012A
V003AV013A
V002A
V011A
V014A
V014C
V004A
V004C
Spargers
ADS stages 1-3 (1)
N2
Break
REACTOR VESSEL
N2
CMT low level water signals
CMT low level-2 reached at setpoint 20.0%
20 sec after CMT Low level-1 reached at setpoint 67.5%
ADS1
ADS2, 70 sec after ADS1
ADS3, 120 sec after ADS2
Time delay signal
4th Stage ADS (2)
V004BV014B
V014D V004D
V011B V001B
V002BV012B
V013B V003B
ADS stages 1-3 (2)
CONTAINMENT
FROM THE CMT WATER LEVEL SENSOR
FROM THE CMT WATER LEVEL SENSOR
CMT low level-1 signal also transmitted to ADS (2)
NRHRS(Pumps &
Valves)
Injection path 1for full RCS
depressurization
Injection path 2for partial RCS depressurization
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
ADS stages 1 to 3 are arranged into two identical groups (A/B) and each group has: Common inlet header connected to top of reactor pressurizer Common discharge line of each group is connected to sparger in
IRWST Each line of ADS stages 1 to 3 arranged with two normally closed
MOVs in series ADS stage 4 also arranged into two identical groups (1 & 2) with different
valves configuration and each group has Common inlet header connected to one RCS hot leg Each group discharge directly into the containment atmosphere Each line of 4th stage arranged normally open MOVs and Squib
valves in series
Configuration of ADS system PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Accident conditions assumed for reliability analysis Potential failure modes of all ADS component The time span for ADS system is assumed from 750 to 3600 seconds during LBLOCA
accident. ADS conditions
ADS stages Components LBLOCA conditions of four stages ADS system Number of paths
ADS-1 stage (A/B)
V011A,V001A, V011B, V001B
V011A×V001A and V011B×V001B 2 out of 2 ADS-2 stage(A/B)
V012A, V002A, V012B, V002B
V012A×V002A and V012B×V002B 2 out of 2 ADS-3 stage (A/B)
V013A,V003A, V013B,V003B
V013A×V003A and V013B×V003B 2 out of 2 ADS-4 stage (1/2)
V014A/B/C/D, V004A/B/C/D
V014A×V004A and V014B×V004B and V014C×V004C OR V014A×V004A and V014B×V004B and V014D×V004D OR V014B×V004B and V014C×V004C and V014D×V004D
3 out of 4
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Time line of actuated component of PXS including ADS system
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
GO-FLOW chart of four stages ADS system
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure probability results of four stages ADS system Graphs 1-3-----> ADS 1-3 respectively Graphs 4-6------> ADS 4, To IRWST(ADS 1-3), & whole ADS system(1-4)
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure probability results of passive core cooling system (PXS) of AP1000 with successful actuation of ADS system, and failure probability results of PXS of AP1000 when ADS system fails to actuate during LBLOCA
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Structure of AP1000 - PCCS PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Passive containment cooling system (PCCS) 1. The primary objective of PCCS is to reduce the containment
temperature and pressure following the LOCA so that the design pressure does not exceed 59 psig (~0.40Mpa).
2. Provide the ultimate heat sink in accident condition. The steel containment vessel removes heat from inside
containment and transfers it to the atmosphere for 72 hours, by continuous natural circulation of air.
During an accident, air cooling is supplemented by water evaporation and water drains by gravity from the passive containment cooling water storage tank (PCCWST) located on top of the containment shield building.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
GO-FLOW chart of AP1000 PCCS system
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure probability of passive containment cooling system of AP1000
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Active safety systems of conventional PWR
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Single loop model of active safety system of conventional PWR PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure probability of containment spray system of conventional PWR
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
DISCUSSIONS I. The failure probability results of passive core cooling
systems and passive containment cooling system conducted by GO-FLOW method are presented.
II. The inter-comparison of reliability results of respective passive safety systems of AP1000 and equivalent active safety systems of conventional PWR, as shown in figures.
III. The failure probability results of PWR’s containment spray system are presented into two phases, “phase 1, RWST injection phase” and phase 2, sump recirculation phase” and then discontinuously increase in sump recirculation phase.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
DISCUSSIONS(2)
IV. While failure probability results of PCCS increases very slow rate with time and are very smaller than that of failure probability results of CSS system of conventional PWR in its both phases.
V. The PCCS of AP1000 can provide cooling to the containment shell until 72 hours for long term cooling after the accident.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
PWR containment spray system PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure data Components Kind Success probability or
failure rate RWST Passive Pg= 0.999999,
λo= 1*10-5 /sec SAT Passive Pg= 0.99,
λo=1*10-5 /sec CRS Passive Pg=0.999999,
λo=1*10-5 /sec CSHEX Passive λo=1*10-8 /sec
CSP Active Pg= 0.99, λo=1*10-5 /sec
M1,M2,M3 M4
Active (Open and close action)
Po=0.96/demand , Pc=1.0/demand Pp=0.96, λo=1*10-8/sec, λc=1*10-8 /sec
M5,M6,M7 M8
Active (Open and close action)
Po=0.96/demand , Pc=0.96/demand, Pp=0.0, λo=1*10-8 /sec, λc=1*10-8 /sec
PWR safety systems
GO-FLOW chart of PWR containment spray system
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Failure probability of standard case
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Most sensitive parameter in phase 1(parameters, 21, 22, 37)
Sensitivity analyses
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Most sensitive parameter in phase 2, (parameters, 30,35, 41, 43)
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Most sensitive parameter in phase 2(parameter, 47, 51, 52)
PWR safety systems Uncertainty analyses Operator
number Uncertainty data Distribution
function Range
V1 V2 V3 1 2
21 0.99 0 0 Homogeneous
0.93 0.997
29 0.99 0 0 Homogeneous
0.93 0.997
46 0.99 0 0 Homogeneous
0.93 0.997
35 0 0.99 0 Homogeneous
0.93 0.99
41 0 0.99 0 Homogeneous
0.93 0.99
51 0 0.99 0 Homogeneous
0.93 0.99
52 0 0.99 0 Homogeneous
0.93 0.99
Operator V1 V2 V3 Log-normal Median Error factor
22 1×10-5
0 0 Log-normal 0.00001 10
37 1×10-5
0 0 Log-normal 0.00001 10
30 1×10-5
0 0 Log-normal 0.00001 10
43 1×10-5
0 0 Log-normal 0.00001 10
47 1×10-5
0 0 Log-normal 0.00001 10
IWNSST17: T.MATSUOKA, Utsunomiya University
Input window for uncertainty data in ELSAT
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
0.00001
0.0001
0.001
0.01
0.1
1
0 500 1000 1500 2000 2500 3000 3500 4000 4500
Fa
ilu
re P
ro
ba
bil
ity
Time T (sec)
Median by point estimation95% range of uncertaintyMean5% range of uncertainty
Result of uncertainty analysis
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Common Cause Failure analyses Set three groups for CCFs analysis.
The first group: two containment spray pumps (CSP) A and B,(operators 30, 47) and nature of failure or failure mode is “fails to start”.
The second group: three motor operated valves M6, M7 and M8 (operators 41, 51, 52) and failure mode is “failure in open and close action”.
The third group: spray additive tank (SAT) and RWST (operators 22, 37) and failure mode is “failure during usage”.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
1.00E-05
1.00E-04
1.00E-03
1.00E-02
1.00E-01
1.00E+00
0 500 1000 1500 2000 2500 3000 3500 4000 4500
Fa
ilu
re P
rob
ab
ilit
y
Time T (sec)
Independent
Gropu 1
Group 2
Group 3
Total
Results of common cause failure analysis for PWR containment spray system.
CONCLUSIONS I. Quantitative dynamic reliability analysis of AP1000
passive safety systems has been conducted in order to confirm that, how to evaluate dynamic systems by GO-FLOW methodology.
II. The passive safety system’s concept is more reliable than the PWR’s active safety systems.
III. It was discussed that passive safety components depend on the two types of failure modes, Type A: structural failure (hardware failure), physical degradation and Type B: functional failure due to blocking of intended natural phenomena.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
CONCLUSIONS(2) IV. The reliability of AP1000 PXS is higher from the
blow-down phase to IRWST gravity injection phase. V. Then decrease discontinuously in the recirculation
phase because the redundancies of injection subsystems only reduced into the recirculation sump and also due to increase the failure probability of components with time.
VI. ADS system is a key safety system of AP1000 for the successful actuation of subsystems of PXS and PCCS comparatively to PWR plant.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
References MATSUOKA Takeshi, “GO-FLOW methodology -Basic concept and
integrated analysis framework for its applications”, Nuclear Safety and Simulation, Vol. 1(3), pp.198-206 (2010)
HASHIM Muhammad, MATSUOKA and YANG Ming, “Development of a reliability monitor for the safety related subsystem of a PWR considering the redundancy and maintenance of components by fault tree and GO-FLOW methodologies”,Nuclear Safety and Simulation, Vol. 3(2), pp.164-175(2012)
HASHIM Muhammad, YOSHIKAWA Hidekazu, and YANG Ming, “Addressing the fundamental issues in reliability evaluation of passive safety of AP1000 for a comparison with active safety of PWR”, Nuclear Safety and Simulation, Vol. 4(2), pp.147- 159 (2013)
Hashim Muhammad, Yoshikawa Hidekazu, Matsuoka Takeshi, Yang Ming, “Common cause failure analysis of PWR containment spray system by GO-FLOW methodology”, Nuclear Engineering and Design 262 pp.350– 357 (2013)
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
References (2) Muhammad Hashim, Hidekazu Yoshikawa, Takeshi Matsuoka and Ming
Yang, “Considerations of uncertainties in evaluating dynamic reliability by GO-FLOW methodology –example study of reliability monitor for PWR safety system in the risk-monitor system” , Journal of Nuclear Science and Technology, Vol. 50(7), pp.695–708(2013)
Muhammad Hashim, Yoshikawa Hidekazu, Matsuoka Takeshi, and Yang Ming, “Quantitative dynamic reliability evaluation of AP1000 passive safety systems by using FMEA and GO-FLOW methodology” , Journal of Nuclear Science and Technology, (2013) to be published.
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
PWR safety systems
IWNSST17: T.MATSUOKA, Utsunomiya University
Thank you very much for your attention !!