The numerical input data necessary for quantifying accident sequences consist basically of data needed to calculate the frequencies/probabilities of basic events included in the PSA model. This information need is dependent on the underlying component (basic event) reliability models applied generally as follows:
frequency - f (1/y)
- Independent Component (Hardware) Failures
a) time related failure rate - λ (1/h) or
b) demand related failure rate or probability of failure per demand – λd or Q or P (1/demand)
c) time data on operating hours, test and repair, as appropriate (mission time: Tmis (h), repair time: Trep (h), test interval (time between tests): Tper (h), test time: Ttest (h))
d) aircraft crash/fire/explosion induced failures, fragilities – P (failure probability)
- Dependent (Common Cause and Correlated) Component Failures
a) data on independent failures for each component involved in a common cause failure (CCF) group - see above
b) parameter values for the fraction of common cause failures in a CCF group in accordance with the underlying parametric CCF model applied (e.g. β factors, α factors, MGL factors)
c) correlation coefficients for multiple, correlated failures of SSCs: ρij.
probability of a human error: HEP.
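How the parameters listed above combine into basic event probabilities is shown below as an added example; it is not taken from the original report. The formulas are the usual first-order reliability expressions, which the report does not spell out and are assumed here, the function names are illustrative, and all numerical values are constructed.

```python
import math

def q_mission(lam, t_mis):
    """Running component: probability of failure within mission time Tmis."""
    return 1.0 - math.exp(-lam * t_mis)

def q_standby(lam, t_per, t_test=0.0, t_rep=0.0):
    """Periodically tested standby component: mean unavailability.

    First-order approximation (assumed model, valid for lam * t_per << 1):
      lam * t_per / 2   failure undetected until the next test
      t_test / t_per    component out of service during the test
      lam * t_rep       component out of service during repair
    """
    if lam * t_per > 0.1:
        raise ValueError("lam * t_per too large for the linear approximation")
    return lam * t_per / 2.0 + t_test / t_per + lam * t_rep

def beta_split(q_total, beta):
    """Beta-factor CCF model: (independent part, common cause part)."""
    if not 0.0 <= beta <= 1.0:
        raise ValueError("beta must lie in [0, 1]")
    return (1.0 - beta) * q_total, beta * q_total

def group_failure(q_total, beta, n):
    """Probability that all n redundant components of a CCF group fail:
    the common cause event OR n independent failures."""
    q_ind, q_ccf = beta_split(q_total, beta)
    return 1.0 - (1.0 - q_ccf) * (1.0 - q_ind ** n)

if __name__ == "__main__":
    # Constructed sample values, not plant data.
    q = q_standby(lam=1e-5, t_per=720.0, t_test=1.0, t_rep=8.0)
    print(f"standby unavailability        : {q:.3e}")
    print(f"24 h mission, lam = 1e-4 /h   : {q_mission(1e-4, 24.0):.3e}")
    print(f"2-train group, beta = 0       : {group_failure(q, 0.0, 2):.3e}")
    print(f"2-train group, beta = 0.1     : {group_failure(q, 0.1, 2):.3e}")
```

With these constructed values the common cause term dominates the two-train result, which is why the β (or α, MGL) parameters are listed as separate input data.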
The frequency of an aircraft crash, fire or explosion initiating event is characterized by the annual frequency of each aircraft type hitting each relevant impact zone. The frequency is characterised by its mean value and by expected frequencies for a range of confidence levels or by a continuous probability distribution. The hazard characteristics are obtained from the aircraft crash, fire or explosion hazard assessment as input information for the aircraft crash/man-made hazard PSA, therefore there is no need to describe the methodology of aircraft crash/fire/explosion hazard assessment in this section – see section 3 for the details of hazard assessment.
The reliability data for random equipment failures are taken from the PSA for internal events. Additional reliability parameters also need to be estimated for quantifying random failures included in the system fault trees developed newly for the purposes of the aircraft crash/man-made hazard PSA. The method of parameter estimation follows the practice commonly applied in the internal events PSA.
Aircraft crash, fire or explosion induced failures of equipment and structures, including transient initiating failures and mitigating system failures, are modelled by different basic events in the logic model for the different aircraft crash/fire/explosion initiating events. The probabilities of these failures are determined by fragility analysis. The fragility analysis quantifies the likelihood that a component or structure fails, as a function of the aircraft mass and velocity relevant to an investigated aircraft type hitting an impact zone at the plant. Similarly, for fires and explosions, fragility is estimated as a function of the strength of the explosion (for example expressed in TNT terms), the duration of the fire, etc. The fragility analysis explicitly accounts for the effects of randomness in the aircraft crash characteristics and of uncertainty in the component response to a particular aircraft crash, fire or explosion initiating event.
With regard to common cause failures of plant equipment, the data available in the internal events PSA are used without modification for the purpose of the aircraft crash/man-made hazard PSA. It is important to note that these are common cause failures of random failure events, as opposed to dependent failures due to aircraft crash, fire or explosion effects. The approach applied in the internal events PSA is followed to estimate the common cause failure parameters of the random equipment failures newly modelled for the purposes of the aircraft crash/man-made hazard PSA.
The approaches to estimating human error probabilities for different initiating events are summarized in section 9.
9 SOLUTION TO MODEL HRA FOR MAN-MADE HAZARDS AND AIRCRAFT CRASH PSA
9.1 Background
External events may lead to harsh personnel working conditions, problems in getting external aid and increases in emotional burden (site isolation as consequence of a fire, worrying about the situation of family members, adverse conditions for countermeasures requiring working outdoors). Several documents [16], [23] acknowledge that the effects generated by external hazards could have the potential to adversely impact the plant safety and the response of plant personnel (e.g. the possibility of implementing emergency procedures could be affected; the operator access could be impaired). More detailed information on treatment of HRA and on HRA models is available in case of seismic events or internal fire events. For the other external hazards, the literature with regard to HRA is not well developed [23].
Regarding the assessment of human factors, some general recommendations can be summarized from the related literature [23]:
- HRA should adequately account for the additional influences caused by the external event,
- human failure events adopted from an Internal events PSA should be modified as appropriate to reflect the external hazard effects,
- new human failure events should be included to account for specific hazard related actions that are consistent with plant procedures that were not covered in the Internal Events PSA.
There are several international efforts dedicated to improving HRA methods, such as the International HRA Empirical Study [42], where the human actions performed by operator crews (at the Halden Reactor Project simulator) were analysed using different HRA methods and the results were compared to crew simulator performance in an effort to benchmark HRA methods using empirical data. In Germany, the effects of external events on the reliability of human actions are not explicitly considered in the PSA. However, the HRA takes into account the potentially different environmental conditions affecting human behaviour in case of an external hazard (EE) [9]. In Slovakia, increased human error probabilities are used after the occurrence of an EE and a higher level of dependencies between the human errors is applied [16]. In Chinese Taipei, the human error probabilities used in the internal event analysis were increased by a factor of 3, following a suggestion to take into account the special stress of the operating crew and possible damage (or blockage) to the pathway from the control room area to other areas where the components are located [16]. In the USA, some of the “second generation” methods (e.g., ATHEANA) place a heavy emphasis on the description of the context for operator actions, and on the potential of challenging situations to increase the likelihood of error [16]. ATHEANA [43] is based on a multidisciplinary framework that considers both the human-centred factors (e.g., human-machine interface, procedures content and format, training) and the conditions of the plant that give rise to the need for actions and create the operational causes for human-system interactions (e.g., misleading indications, equipment unavailability, and other unusual configurations or operational circumstances).
In the existing documentation, whether or not increases in error probabilities are used, the basis for determining these increases is not well developed beyond the general statement that the basis for deciding which error rates to use should be justified. It may be concluded that the PSA for external hazards should take account of the potential for human response to be affected by the external event, and that the available time for operator intervention for mitigation of external event effects needs to be considered. The additional stresses that can increase the likelihood of human errors or inattention should be examined and compared to the likelihood assigned in the internal events HRA, when the same activities are undertaken in non-hazard accident sequences.