Dynamic probabilistic risk assessment (PRA) methods can improve nuclear power plant PRAs by providing rich contextual information and an explicit consideration of feedback arising from complex equipment dependencies and operator actions. The Accident Dynamics Simulator paired with the Information, Decision, and Action in a Crew context cognitive model (ADS-IDAC) is one such dynamic method that can be used for nuclear power plant risk assessments.
Compared to more traditional risk assessment methods such as static linked event and fault tree approaches, dynamic PRA methods offer a number of significant advantages:
- A simulation model can provide a more realistic representation of plant accident response. Therefore, the time available for operator actions, the presence (or absence) of key diagnostic cues, and contextual information about accident scenarios can be more directly assessed in support of human reliability analysis. Plant procedures and skill- and rule-based actions can be directly simulated in order to better account for feedback from the nuclear plant to the operations crew and assist in the identification of situational contexts where operators may commit errors of commission.
- Given dynamic simulation methods explicitly represent the timing and sequencing of events, they can directly calculate the impact of variations of hardware and operator performance on the plant model, and are capable of capturing complex interdependencies. System success criteria are more realistic and do not include conservatisms due to scenario binning that are sometimes found in traditional static PRA models.
ADS-IDAC Developmental History
ADS-IDAC is one of the most mature dynamic PRA platforms of technological systems with an evolution that spans more than 20 years. Its development has been supported with grants from the United States Nuclear Regulatory Commission, Electric Power Research Institute, Ship Research Institute of Japan, Paul Scherrer Institute, Switzerland, and University of Maryland.
The ADS-IDAC is a simulation engine that includes a scheduler module, a control panel module, a system reliability model, a hybrid causal logic module, a crew module, and the system module coupled with a thermal-hydraulic code (e.g., RELAP5/MOD3.3) to generate DDETs containing contextually rich scenarios that could occur given an initiating event.
Generated Discrete Dynamic Event Tree (DDET)
ADS-IDAC generates a DDET using simplified branching rules to model variations in system and crew responses. Branching events may include hardware failures, physical variable thresholds, operator decisions or actions, and stochastic timing variabilities.
IDAC contains both a heuristic cognitive engine and a reasoning module to simulate operator decision-making:
- The purpose of the cognitive engine is to form a situational assessment from perceived information, to identify and select suitable goals based on the situational assessment, to identify and select suitable strategies for obtaining goals, and to prioritize and resolve conflicts among the selected goal/strategy sets.
- In the reasoning module, the operators’ knowledge-based behavior is greatly augmented through an embedded attention mechanism in information perception channels, better capturing cognitive resource limitations and top-down attention control. Also, this module simulates an operator making sense of perceived information, connecting different pieces of information to form a big mental picture of the plant situation, and making accident diagnoses.
In ADS-IDAC, the experience and training of each crew operator is reflected in the ADS-IDAC knowledge base. The knowledge base captures the information needed to assess the plant state, execute procedural actions, and match memorized response actions to perceived plant needs.