Technology

Updated Digital I&C Reliability And Ccf Data

Categories
Published
of 4
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Description
1. Evergreen Safety & Reliability Technologies, LLC 28559 Cavan Lane, Evergreen, Colorado, 80439 To all parties interested in Digital I&C Reliability and Risk…
Transcript
  • 1. Evergreen Safety & Reliability Technologies, LLC 28559 Cavan Lane, Evergreen, Colorado, 80439 To all parties interested in Digital I&C Reliability and Risk Implications: The original CPCS System Reliability and CCF Study, conducted in the summer of 2006, used all available LER data from 1984 - through 2005. Tom Wierman (INL) informed me at the IAEA Technical Meeting on Digital I&C CCF that INL has recently augmented the amount of available LER data to include: all data from 1982-1983 as well as loading the last of the 2006 LER data. The purpose of this brief note is to discuss the impacts of this additional failure and operating data on existing failure data. The previous study looked at a set of 141 LERs from an experience pool of 145.5 reactor years (~1.27 million hours) and which included 26 events involving some type of common cause failure of all four CPCS channels. The additional data increases the amount the total failure and operating experience to the following: 203 LERs from an experience pool of 155 reactor years (~1.36 million hours) and which now include 29 events involving common cause failure of all four CPCS channels. The increase in LERs is primarily due to incorporation of early San Onofre 2, 3 CPCS operating experience. This data resulted in the addition of 3 additional CCF events including one involving software common cause failure. This event involved delivered software that used CEA Misalignment Penalty Factors for only the DNBR Calculation in the CPCS – rather than using the Penalty Factors in both the DNBR and LPD calculations. While the vendor could show that the DNBR calculation alone would provide all required reactor trips – the software was inconsistent with the original functional requirements – and thus is included in the total for completeness. The updated CCF breakdown (next page) is not significantly different to that presented in the recent IAEA meeting shown below: Computer Technicians insert Wrong Data Sets to all 4 CPCS Channels Breakdown of Common Mode Failures Reactor Vendor supplies Erroneous Data Sets input to all 4 CPCS Channels Reactor Vendor Supplies Software Update Containing 4% 4% Latent Software Error 11% 4% Operators Fail to Confirm ASI in all four CPCS Channels 4% when Reactor Power > 20% 8% Incorrect Acceptance Criteria Used for 4% Excore Data Set Calibration Checks >80% 4% Inaccurate Cross Calibration of Excore Data Sets 8% (Cross Channel, COLSS, etc.) 8% High Log Power Bypass Removal Setpoints (1E-4) Incorrect Inaccurate Cross Calibration of RCS Flow Data Sets 11% 4% (Cross Channel, COLSS, etc.) Operators Fail to Perform 12hr Auto-RESTART Surveillance on all CPCS Channels 26% Operators Fail to Perform Refueling Interval Surveillance on all CPCS Channels Communication Data Link Failure to Plant Computer results in Missed Surveillances on both CEAC Channels 2 of 2 CEACs Inoperable 3 of 4 CPCS Neutron Flux Cross Channel Calibrations OOT
  • 2. The plot below shows the updated breakdown of various types of CCF Contributors sorted by their relative contributions: Inaccurate Cross Calibration of Excore Relativ e CPCS Common Cause Data Sets (Cross Channel, COLSS, etc.) Failure Contributions Computer Technicians insert W rong Data Sets to all 4 CPCS Channels High Log Power Bypass Removal 3% 3% Setpoints (1E-4) Incorrect 3% 22% 3% 2 of 2 CEACs Inoperable without Conservative CEAC PFs Set 3% Reactor Vendor supplies Erroneous Data Sets % input to all 4 CPCS Channels Reactor Vendor Supplies Software Containing Latent Software Error 15% % Operators Fail to Confirm ASI in all four CPCS Channels when Reactor Power > 20% 7% Inaccurate Cross Calibration of RCS Flow Data Sets (Cross Channel, COLSS, etc.) 10% 7% Incorrect Acceptance Criteria Used for 10% Excore Data Set Calibration Checks >80% Inaccurate RTD Calibration in 4/4 CPCS Channels Operators Fail to Perform 12hr Auto- RESTART Surveillance on all CPCS Channels Operators Fail to Perform Refueling Interval Surveillance on all CPCS Channels Communication Data Link Failure to Plant Computer One change worth noting is that there is now sufficient data exists to split out 3/4 and 2/4 CCF events from the 4/4 channel events. CCF is still dominated by Cross calibration of redundant reactor power signals either by cross comparisons with secondary plant calorimetric power or cross comparisons from plant computer calculations. This is followed by plant personnel inputting wrong data into addressable constant data bases, procedural errors, errors in generating cycle specific addressable constants, and then software CCF. Specific failure rates estimated from this experience pool are shown on the following pages.
  • 3. Failure Rate per hour 0.00E+00 1.00E-06 2.00E-06 3.00E-06 4.00E-06 5.00E-06 6.00E-06 Inaccurate Cross Calibration of Excore Data Sets (Cross Channel, COLSS, etc.) 4.79E-06 Computer Technicians insert Wrong Data Sets to all 4 CPCS Channels 3.31E-06 High Log Power Bypass Removal Setpoints (1E-4) Incorrect 2.58E-06 2 of 2 CEACs Inoperable without Conservative CEAC PFs Set 2.58E-06 Reactor Vendor supplies Erroneous Data Sets input to all 4 CPCS Channels 1.84E-06 Reactor Vendor Supplies Software Containing Latent Software Error 1.84E-06 Operators Fail to Confirm ASI in all four CPCS Channels when Reactor Power > 20% 1.84E-06 Inaccurate Cross Calibration of RCS Flow Failure Modes Data Sets (Cross Channel, COLSS, etc.) 1.84E-06 4/4 Common Cause Failure Rates Incorrect Acceptance Criteria Used for Excore Data Set Calibration Checks >80% 1.10E-06 Inaccurate RTD Calibration in 4/4 CPCS Channels 1.10E-06 Operators Fail to Perform 12hr Auto- RESTART Surveillance on all CPCS Channels 1.10E-06 Operators Fail to Perform Refueling Interval Surveillance on all CPCS Channels 1.10E-06 Communication Data Link Failure to Plant Computer results in Missed Surveillances on both 1.10E-06 CEAC Channels
  • 4. Failure Rate per Hour 0.00E+00 5.00E-07 1.00E-06 1.50E-06 2.00E-06 2.50E-06 3.00E-06 3.50E-06 4.00E-06 4.50E-06 CEAC CPU Board Failure 3.87E-06 CPCS Channel quot;Xquot; RTD OOT 2.67E-06 Local Computer Power 1.41E-06 Supply Single CPCS Channel Excore 1.20E-06 Detector Data Multipurpose Acquisition and Control 1.04E-06 System CEAC Memory Board Failure 9.21E-07 CPCS CPU Board Failure 8.29E-07 Operators Fail to Perform 5.52E-07 Monthly CPCS/CEAC Data Link to Plant Failure Modes 3.07E-07 Computer Single CPCS Channel DNBR/LPD 2.76E-07 Time Watchdog Timer Failure 1.84E-07 CPCS CPCS Component & Subsystem Failure Rates Memory Board Failure 9.21E-08 CPC-CEAC Data Link Failure 6.14E-08 CEA Position Isolation Amplifier 2.28E-08 (CPIA) Failure Reed Switch Position Transmitter 6.82E-09 (RSPT)
  • Search
    Related Search
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks