You are on page 1of 10


Probabilistic Safety Assessment has become a key tool as on today to identify and
understand Nuclear Power Plant vulnerabilities. As a result of the availability of these
PSA studies, there is a desire to use them to enhance plant safety and to operate the
nuclear stations in the most efficient manner. Risk Monitor is a PC based tool, which
computes the real time safety level and assists plant personnel to manae day!to!day
activities. Risk Monitor is a PC based user friendly software tool used for modification
and re!analysis of a nuclear Power plant. "peration of Risk Monitor is based on PSA
methods for assistin in day to day applications. Risk Monitorin prorams can assess the
risk profile and are used to optimi#e the operation of Nuclear Power Plants with respect
to a minimum risk level over the operatin time. $his paper presents the software
developmental aspects of Risk Monitor and its application areas. $his software can be
used with the PSA model of any Nuclear Power Plant.
Risk Monitor accordin to the %A&A defined as 'A real!time analysis tool used to
determine the instantaneous risk based on actual status of Systems and Components'. At
any iven time, the risk monitor reflects the current plant confiuration in terms of the
known status of the various systems and(or components e.. whether there are any
components out of service for maintenance or tests. Risk Monitorin provides safety
status information for a plant and thus aids decision makin about whether continued
plant operation is tolerable under certain system function outaes. %t may also support
operations and be of help decidin on maintenance strateies allowin immediate
assessment of different plant confiurations. )esides addressin specific plant
re*uirements it is an on!line tool showin actual risk situation thus overcomin possibly
unnecessarily restrictive elements of re*uirement and point out procedures not conducive
to safety. $he model used by the risk monitor is based on, and is consistent with, the
+ivin PSA for the facility.
%n Nuclear Power Plants, safety is the ma-or concern. Probabilistic Safety
Assessment .PSA/ analysis leads insiht into plant processes and mechanisms and
possible interaction between plant systems, both for e0istin plants with operatin
histories and for plants still in the desin stae. %n view of this, on!line safety assessment
has received lot of attention from operation and maintenance personnel. Plant
confiuration underoes chanes due to chanes in component status and(or operatin (
maintenance procedures. Some components are randomly down and(or others can be
planned for test, maintenance and repair. $his results in a variation of the risk level over
operatin time, which is termed as risk profile, and indicates the trends which could lead
to deviation from desired C12. PSA models can be used to *uantify risk due to chanes
in components status, system desin and operations conse*uent to chanes in plant
Risk Monitor Software has been developed in 3isual )asic.. $he various modules
developed in the packae are as follows.
a/ System Modellin "ptions
b/ %nitiatin &vents(&vent $rees
c/ Safety Systems
d/ Common Cause 2ailures
e/ Main Summary 4 "n!+ine Risk
f/ Component data base
/ Component "ut!of!Service 4 Restore
h/ 5hat!%f Analysis
i/ $est $imes
3.1 S!te" Mo#e$$%&' O(t%o&!
%n this module user can choose the different options like plant operation .2ull power or
low power operation/, initiatin events fre*uency .1irect or throuh Minimal Cut Sets
.MCS//, core damae fre*uency .$hrouh accident se*uences or MCS/ and can set the
risk levels .Acceptable risk, unacceptable risk, moderately safe, totally safe and desin
level risk/. $he software uses plant specific PSA models. 7owever, option is provided for
inclusion of PSA models for different NPP also.
3.2 I&%t%at%&' E)e&t!*E)e&t Tree!
5ith this module user can create %nitiatin &vents .%&s/ ( &vent $rees .&$s/ list
-ust by typin on the data rid control which appears in the riht hand side panel of the
window. %f the %&(&$ list is already e0isted one can import the file by clickin on the
browse button in the panel. $his is shown in the 2iure ,. $he user can select this option
even from the menu bar menu option '3iew'.
3.3 Safet S!te"!
5ith this option user can ive the information on different safety systems. $his is
represented as a child node under the main node 'Minimal Cut Sets' in the tree view
control. After clickin on this node user will find a data rid control in the riht hand side
of the panel and one can enter the data in the correspondin fields. "ption is also
provided for importin the e0istin files.
3.+ Co""o& Ca,!e Fa%$,re!
%n risk monitor common cause failures .CC2/ are treated under two headins
• CC2 8roups
• CC8 &vents
3.+.1 CCF -ro,(!
5ith this option user can cateori#e the components which fall under some
specific CC2 roups. 5hen, the user clicks on this option a data rid will appear on the
screen and one can enter the different roup names. "ption is also provided for importin
the data.
3.+.2 CC- E)e&t!
$his option will be activated if the user had already entered the CC2 events in the
specified CC2 roups. $his can be done by double clickin on the CC2 roup9s data rid.
$he user interface is shown in the 2iure 6. $he user can also import the CC2 events of
different CC2 roups. $here are three tab headins provided on this screen namely
• )asic &vents
• CC2 &vents
• Parameters
3.. Ma%& S,""ar / O&0L%&e R%!1
$his module summari#es status of the safety systems .available, deraded or unavailable/
based on the status of the components .Available, out of service/, list of components
which have been taken out from the service and risk profile .C12 vs $ime/ on day basis,
monthly basis or year basis. +os on the C12 values on time basis are shown in the risk
profile module. %f the user double clicks on this table it will ive the status of the plant of
any day. Risk Monitor presents the raphical display of Risk profile with respect to C12
value. &venthouh, coloured bands are defined for risk levels, standardi#ation is re*uired
for definin these levels. $he user interface of this module is shown in the 2iure :.
3.2 Co"(o&e&t Data3a!e
A Reliability 1ata )ase is used for the manaement of data which is desined
usin MS ACC&SS which also stores the PSA models and analysis results. $he packae
provides database for basic events probability, initiatin events fre*uency and human
errors probability. 1ifferent component reliability models ;:< ;=< such as repairable, non!
repairable, tested, mission time, probability and fre*uency models have been
incorporated in calculation of the component unavailability. Risk Monitor can re!evaluate
the C12 dependin on the chane in the value of initiatin event fre*uency or safety
system unavailability. %n case of Safety System, the unavailability will be affected when
component unavailability chanes. 1ependin on the mode in which the component is
functionin in the safety system, parameters like failure rates, test intervals, mission time,
repair time etc. will alter its unavailability value. Risk Monitor has provided the option to
alter the necessary parameters dependin on the mode of the component functionin,
thereby computes its unavailability. $his chane is propaated to the Core 1amae
2re*uency and user can see its implication on Risk profile also. $he user interface of this
module is shown in the 2iure =.
3.4 Co"(o&e&t O,t0of0Ser)%5e / Re!tore
$his module shows all the components which are in service and out of service as
of today on system wise. %n order to take any component from out of service .for
maintenance, testin or inspection/ first user has to check the relevant component check
bo0es provided in the side by in the in!service list and has to click the 'Add' button
provided at the bottom of the rid. $his will add the components to the out of service
table provided at the bottom of the window. $his chanes the confiuration of the
systems and in turn affects the C12. C12 is re evaluated from the minimal cut sets
provided in the database which is in the form of %nitiatin events and components. $he
user can even set the date and time at which the component has been taken out of service
apart from the default time settins .today9s date and time/. $he user interface of this
module is shown in the 2iure >.
3.6 W7at 0If A&a$!%!
$his is the uni*ue feature of the risk monitor. 5ith this analysis user can analyse
different combinations of component states and based on the chane in the C12 value
decision can be made on which combination of components can be taken for maintenance
or can be restored. ?ser can also use this analysis for findin out the allowable outae
times and surveillance test intervals for various systems. All the cases which have been
analysed by this analysis are stored in the database so that if the user wants to do the
same analysis in the future it can be retrieved from the database and can be applied, this
will avoid the repetition of the same analysis. $he user interface of this module is shown
in the 2iure @. "n!line A7elpB and report eneration have been provided with the
software packae, so as to assist the user in naviatin throuh the software as well as to
et familiari#ed with the PSA terminoloies.
3.8 Te!t T%"e!
$his module shows list of components whose model type is '$ested' model alon
with the parameters of the model at the desin time and the present status. 7ence, the
user can have an idea about the parameters which have been chaned from their desin
values and can easily set the test intervals, inspection timins etc. for the components.
$his module also shows the inspection timin of each component based on the test
Some important applications of Risk Monitor towards Safety %ssues are e0plained belowC
+.1.1 De5%!%o& Ma1%&' %& o(erat%o&!9
Core 1amae 2re*uency .C12/ value is an important parameter, which can
provide risk insihts. %f C12 value e0ceeds the prescribed probabilistic safety
criteria, that is termed as an unsafe condition. Also, efforts are always made to
lower the C12 throuh different test and maintenance policies.
+.1.2 Ma%&te&a&5e Strate'%e!9
Risk achievement worth .RA5/ is the best input for decidin maintenance
policies. RA5 and risk reduction worth .RR5/ can be evaluated system wise
and component wise. Components havin hiher RA5 have to be maintained
immediately, in order to minimise the C12 value. Similarly, component havin
hiher RR5 should be iven attention from the desin point of view, since it can
enhance the reliability of the system.
+.1.3 R%!1 Ba!e# I&0Ser)%5e I&!(e5t%o&9
$he Risk %nformed %n!Service %nspection .R%!%S%/ prorams aims at interatin
traditional enineerin evaluations with insihts ained from PSA. $he prime use
of PSA is to obtain an estimate of risk and releate it to various systems and down
to components to obtain an idea of their importance in terms of contribution to the
Risk. Risk Monitor can be effectively employed for analysin the chane in C12
whenever there is a chane in %nspection plans and thereby analyse for an
optimum schedulin plan. Risk importance measures such as RA5, RR5,
2ussell!5essley etc. for various components and systems are readily evaluated in
the Risk Monitor for risk based inspection plannin.
+.1.+ Re)%ew of Te57&%5a$ S(e5%f%5at%o&9
$he $echnical Specifications are usually based on deterministic assessment and
enineerin -udment. )ased on the PSA studies, technical specifications based
on probabilistic considerations can be evolved to optimise the Allowable "utae
$ime .A"$/ and Surveillance $est %nterval .S$%/ for various Systems.
+.1.. E"er'e&5 O(erat%&' Pro5e#,re! a&# R%!1 Ma&a'e"e&t9
$he &merency "peratin Procedures .&"Ps/ have been usually based on the
considerations of failures in process systems only. &"Ps based on dominatin
accident se*uences as identified in PSA can be effectively used in risk
Risk Monitors backed up by the results of Probabilistic Safety Assessment .PSA/ are
ainin wider acceptance world over. %ncreasin use of Risk Monitors is bein made(
contemplated in various areas related to nuclear power plant operations. Risk monitor can
be used as an efficient tool by operator to analyse the chane in Risk whenever the
component parameters chane. Also it can be considered as an efficient system to track
plant history. &nvisain the above scenario of application of Risk Monitor, assurin the
*uality of Risk Monitor is of utmost importance. 3arious testin approaches have been
adopted to e0pose the detectable as well as undetectable errors in order to improve the
reliability of risk Monitor.
;,<. %A&A!$&C1"C!D:DE .,FF=/, Advances in reliability analysis and probabilistic safety assessment
for nuclear power reactors.
;6<. %A&A!$&C1"C!,,G@E .,FFF/, +ivin probabilistic safety assessment .+PSA/.
;:<. PSA Pack =.6, A Code for Probabilistic Assessment +evel ,, %A&A, 3ienna .,FF:/.
;=<. Risk Spectrum, PSA Professional ,.GG.G>C A 1emo version, Relcon A) .,FFH/.
F%',re 19 ?ser %nterface of %nitiatin &vents
F%',re 29 ?ser %nterface of Common Cause 2ailures
F%',re 39 Risk Monitor Main Summary 5indow
F%',re +9 ?ser interface of Component 1atabase
F%',re .9 ?ser interface of Component "ut!of!Service 4 Restore
F%',re 29 5hat!%f Analysis window