Showing papers on "System safety published in 1982"

Practical availability analysis of standby systems

Abstract: Comprehensive availability models are developed in this paper for analyzing redundant standby safety systems. The models, which include both periodic inspections and continuous monitoring for discovering failures, incorporate human errors associated with testing, monitoring, and repair as well as spurious alarms and failures after a demand during the mission time. Equations are developed for calculating optimum inspection intervals and average steady state availabilities of standby m-out-of-n:G systems (with several schemes of staggering the tests), as are techniques for including undetected and common-cause failures. Analytical models provide a basis for many generic conclusions. Numerical examples representative of safety systems in nuclear power plants illustrate, for example, the importance of developing monitoring techniques to detect errors made in testing and returning components to service after maintenance.

Common cause analysis: a review and extension of existing methods. Final report

Abstract: This report details the methods developed and applied for performing common cause analysis at the systems and component level for large, highly redundant engineered safety systems in nuclear reactors. More generally, the methodology is also applicable to many other engineered systems outside of the nuclear area. Major progress in this project was made in testing and refining the MOCUS-BACFIRE-II-BETAFACTOR analysis code, called MOBB, which takes the system fault tree diagram, generates cutsets and then employs the generic cause method developed by Fussell to identify common cause candidates. Then, the Beta Factor method developed by Fleming is applied at the single component level to quantify the contribution to total system unavailability of common cause failures. Finally, an uncertainty analysis is performed to generate confidence bounds on both the top event and all cutsets employing both a standard Monte Carlo approach and improved Method of Moments method.

Photovoltaic array grounding and electrical safety

Abstract: Unless adequate safety practices are followed, introducing a photovoltaic power system into a residential or industrial structure may increase the likelihood for fire and/or shock hazard situations. These hazards could arise because of modifications to the structure and because of the additional electrical elements in place. Safety systems may be incorporated in the product, the installation, or both to mitigate the effect of the modifications and added elements. Safety requirements are being prepared for both the product, Underwriters Laboratories Inc. (UL) Proposed Standard for Safety - Flat-Plate Photovoltaic Modules and Panels; and installations, proposed Article 690 for the National Electrical Code (NEC). Virtues and problems associated with new safety system concepts which may be applicable to photovoltaic power systems are discussed.

Verification and Validation for Systems Important to Safety

Abstract: Verification and validation (V&V) have been applied to nuclear power plant safety systems. Detailed procedures and extensive documentation have provided a high degree of design assurance for safety systems however at a relatively high cost. Guidelines are presently needed for a cost effective V&V approach for systems important to safety, e.g., Emergency Response Systems - NUREG 0696. This paper discusses what V&V does and provides some guidance for developing cost effective V&V programs for systems important to safety.

FRANTIC II application to standby safety systems

Abstract: In the quantitative assessment of system reliability, it is predominantly important to check whether sufficient agreement exists between what is observed and what inherent limitations the assumed models possess. Time dependent hazard rate and time dependent unavailability models, such as FRANTIC II, enable one to take into account burn-in and wear-out, surveillance testing benefit, quantitative balancing of the advantages and disadvantages of accomplishing a particular testing program in the context of the entire system's safety function. This paper shows the FRANTIC II model's capability to obtain realistic evaluation of the standby safety system unavailability utilizing time dependent unavailability analysis.

Identification of Common Cause Failures in Instrumentation and Control Systems

Abstract: Reliability and system safety technologists have debated for years over what analysis methods are most effective. They also disagree on the merits of qualitative versus quantitative approaches. Normally, everyone will agree that quantitative (numerical) treatments are more complicated. They are difficult to bound, apply, and utilize. Their absolute results are usually subject to question. However, quantitative methods can give a relative indication of risk versus benefit.

Application of time dependent unavailability analysis to standby safety systems

Abstract: The FRANTIC II computer code has been modified and used to demonstrate that time dependent unavailability analysis is a practical tool for assessing the periodic testing programs of operational standby safety systems. FRANTIC II was assessed from an engineering point of view and modified as necessary to make it more useful for application to operational systems. An offset time was. added to the component failure parameters to provide more flexible modeling of time dependent standby failures and the effects of test caused wear-out. A routine to calculate the optimum test interval of a constant failure rate component subject imperfect testing was also developed. The code was then coupled to a cutset generator and evaluator for application to multiple component systems. The resulting code is named FRANTIC II-MIT. FRANTIC II-MIT has been applied to the High Pressure Coolant Injection System of a Boiling Water Reactor and a quantitatively based periodic testing program keyed to a fault tree evaluation of the system' s safety functions has been formulated. The analysis indicated that system unavailability can be reduced while also reducing testing requirements from approximately 170 to 123 tests per year. -Thesis Supervisor: . Norman C. Rasmussen Title: Professor of Nuclear Engineering Thesis Supervisor: William E. Vesely, Jr. Title: Research Affiliate

Plant modelling for system safety analysis

Abstract: This research work is primarily concerned with modelling of process plants for use with hazard identification and hazard analysis techniques, such as the fault tree and the event tree. A new method of modelling which is fundamentally different from the existing ones has been developed. However, most of the important and widely used techniques have first been reviewed. This has been carried out mainly to give an insight into the structure and characteristics of the techniques. Among them the fault tree technique has been used extensively for hazard and reliability analysis purposes in industry. This important use of the technique has been described separately in more detail. The intention was to describe the logical structure of fault trees and also the importance of modelling on fault tree analysis. A case has been analysed for the latter purpose. [Continues.]

800 MHz for public safety — Design considerations for conventional systems

Abstract: Major questions arising in the design of a conventional (i.e., not trunked) public safety 800 MHz land-mobile communication system are discussed. Public safety agencies consider implementing systems in the 800 MHz band because of the difficulty of obtaining channels in the VHF high band and UHF 450-512 MHz bands, because of the excellent coverage available in urban and suburban environments, or for both reasons. Somewhat higher costs in this band are often offset by the advantages cited. Two very different types of systems are described. One is a complex, multi-channel tollroad system that is primarily mobile radio oriented, and is unified through an extensive microwave backbone system. This system serves both police and tollroad maintenance, engineering and administrative functions. The other is a municipal police and fire system with channels to serve both dispatch operations of the two departments and other functions such as fire ground, detective and administrative users. Both the fire ground and police dispatch systems are designed to provide highly reliable portable radio coverage over the entire jurisdiction. For a ribbon type system, such as the tollroad system, the use of the 800 MHz band allows special requirements to be imposed on antenna pattern specifications and on individual channel assignments. The restrictions placed on transmitter power and satellite receiver placement add to the design constraints normally found in such a system. The municipal system design poses the challenge of meeting the diverse requirements of dispatch and tactical communications (such as fire ground and detective message traffic) and portable coverage on both police and fire channels, while providing mobile coverage in a compatible system. Location of base stations and receivers, in light of available transmitter powers and known system losses also requires careful attention. The aspects of 800 MHz system design for conventional, public safety systems that are unique to these situations are presented and discussed. They include ERP limitations, antenna patterns available, and licensing requirements, as well as special consideration needed to produce competitive bid specifications in a market in which not every equipment feature or type is available from every supplier. Many of the design considerations discussed for public safety systems are equally applicable to business and industrial users of 800 MHz systems.

Case study: ergonomic and hazard evaluation of a new consumer product

Abstract: The introduction of a new, powerful, mechanical home-use tool carries with it a high risk of product liability. This liability stems from both planned and unanticipated use of the product. In view of this, it is imperative that designers and manufacturers carefully analyze their proposed product to insure that possible failures and hazards have been evaluated and corrected, that current ergonomic principles have been used in the design, that instructions and warning signs clearly document the hazards associated with use of the product, and that the advertising describe only safe methods of handling and using the product. This paper describes the analyses that were performed on a tool prior to its production. The purpose of the analyses was to identify and solve as many of the hazardous operating problems of the tool as possible. To this end, a series of system safety analyses was performed to define the user, user-machine interface, and mechanical problems associated with the ditcher-saw.

The development of tritium technology at the tritium systems test assembly

Abstract: The Tritium Systems Test Assembly (TSTA) at the Los Alamos National Laboratory is dedicated to the development, demonstration, and interfacing of technologies related to the deuterium-tritium fuel cycle for large scale fusion reactor systems starting with the Fusion Engineering Device (FED) or the International Tokamak Reactor (INTOR). This paper briefly describes the fuel cycle and safety systems at TSTA including the Vacuum Facility, Fuel Cleanup, Isotope Separation, Transfer Pumping, Emergency Tritium Cleanup, Tritium Waste Treatment, Tritium Monitoring, Data Acquisition and Control, Emergency Power and Gas Analysis systems. Discussed in further detail is the experimental program proposed for the startup and testing of these systems.