Since the 1990s, Idaho National Laboratory has helped the Nuclear Regulatory Commission understand the safety and reliability of all U.S. nuclear power plants.
Supporters of nuclear energy tout the safety and reliability of nuclear power, and data supports their claims. According to detailed studies, nuclear power accounts for 0.03 deaths per terawatt-hour of electricity generated, when including both accidents and deaths due to air pollution. This fatality rate is a factor of 820 lower than that of electricity produced using coal.
One reason U.S. nuclear power plants have such a stellar safety record is that utilities embrace a safety culture, one that uses probabilistic risk assessments, also known as PRAs. The safety enhancements of PRAs were recognized early on by the U.S. Nuclear Regulatory Commission (NRC), and the NRC championed their use beginning in 1995. This endorsement in regulatory licensing and oversight has resulted in an enhanced understanding and control of commercial nuclear plant risk.
These assessments survey the possible “failure modes,” or sequences, that could lead to failure. Such sequences may involve combinations of equipment problems, external events or human errors. PRAs assign a probability of failure to each component and figure out which problems are most likely to occur. Engineers can then go back and strengthen the weak spots.
The NRC continues to encourage the industry to use PRA to provide a basis for “risk-informed, performance-based” decision-making. But nuclear safety relies on redundancy, checking and double-checking. How can the NRC have confidence that the utility’s analyses are correct?
The answer is to use independent PRA models, known as Standardized Plant Analysis Risk (SPAR) models. Idaho National Laboratory creates these models for the NRC, and they can be used to evaluate a specific plant’s operations risk. Unlike a plant-managed PRA model, a SPAR model uses data from across the industry, rather than just a single plant, to provide a holistic, third-party safety picture.
Decades of Helping NRC Assess Risk
In the late 1990s, INL began working on the independent SPAR models, which now number 67, one for each nuclear power plant or each reactor unit at a plant. There are currently 92 commercial operating reactors in the U.S., some with two or three units per site, e.g., the Vogtle site in Georgia, which will soon have four units.
For the INL-developed SPAR models to be useful for the NRC, they must be updated in three ways. First, the plants are continuously making improvements, replacing components when needed, and reconfiguring systems for better performance.
“There are modifications that go on to improve safety,” said Jim Knudsen, a senior engineer in INL’s Regulatory Support Department. When plant managers change hardware or procedures, they also incorporate those changes into their PRAs, he said, and the team implements them into the SPAR models. Gradually, the shape of the “fault tree,” the way systems can potentially fail, changes.
Second, there is a continuing flow of information from the plants, about minor events like equipment failures or personnel errors. Those reports give insight into the probability of a failure or other event important to safety. Every mechanical glitch is a data point that improves the estimate of the probability of failure.
“Let’s say you have a pump, and they do a test, and it failed to start,” said Knudsen. “That’s a failure with a specific failure mode. It gets collected and put in this pool.” The team counts how many times such a pump was supposed to start, and how many times it failed to do so. From that, it calculates the probability that such a pump will fail to operate when called on. The estimate is for the whole population of reactors, not any single unit, since data from across the nuclear industry is used to inform the estimate.
“The NRC will assess what the potential risk of that event was,” said Knudsen, who pointed out that many components have back-up systems.
Third, INL manages SAPHIRE 8, the software used to create the PRA models, and updates it to reflect current computer science practices. This tool, which was developed with NRC and NASA support, is used by the NRC and other industries, like aerospace, to manage risk.
“SAPHIRE supports the creation of PRA models that define the different ways failure can occur,” said Ted Wood, SAPHIRE project lead and senior software engineer. “The failure data can be updated easily, and the model can be reanalyzed to determine the impact of the data change on the overall results.”
SAPHIRE also enables users to see how components and systems interact.
“These models can be developed in layers depending on the known failure modes and methods and can be used to understand the interaction of the various components and systems,” Wood said.
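The pump example and the reanalysis step described above can be sketched in a few lines. This is an added illustration, not SAPHIRE or SPAR code: the pooled counts, the valve and operator probabilities, the fault tree and the choice of a Jeffreys prior are all assumptions made for the example.

```python
from math import prod

# Constructed pooled records: (plant, failures to start, start demands).
PUMP_POOL = [("plant-1", 1, 400), ("plant-2", 0, 350), ("plant-3", 2, 450)]
# Constructed probabilities for the other basic events.
OTHER = {"VALVE": 1e-4, "OPERATOR": 5e-4}
# Hypothetical fault tree: cooling is lost if both redundant pumps fail to
# start, or a shared valve fails, or the operator omits a required action.
TREE = ("OR", ("AND", "PUMP_A", "PUMP_B"), "VALVE", "OPERATOR")

def demand_failure_prob(records, a=0.5, b=0.5):
    """Industry-wide failure-on-demand estimate: mean of a Beta(a, b) prior
    updated with the pooled counts. The Jeffreys prior (0.5, 0.5) is an
    assumption; it keeps the estimate nonzero when no failures were seen."""
    failures = sum(f for _, f, _ in records)
    demands = sum(d for _, _, d in records)
    return (failures + a) / (demands + a + b)

def cut_sets(node):
    """Expand AND/OR gates into minimal cut sets of basic events."""
    if isinstance(node, str):
        return [frozenset([node])]
    gate, *children = node
    child_sets = [cut_sets(c) for c in children]
    if gate == "OR":
        sets = [s for cs in child_sets for s in cs]
    else:  # AND: combine one cut set from every child
        sets = [frozenset()]
        for cs in child_sets:
            sets = [x | y for x in sets for y in cs]
    return [s for s in set(sets) if not any(o < s for o in sets)]

def analyze(tree, probs):
    """Return (top-event probability, cut sets ranked most likely first).
    Min-cut upper bound, assuming independent basic events."""
    ranked = sorted(((prod(probs[e] for e in s), sorted(s))
                     for s in cut_sets(tree)), reverse=True)
    top = 1 - prod(1 - p for p, _ in ranked)
    return top, ranked

def reanalyze(pool, new_records=()):
    """Re-estimate the pump probability from the pool and re-run the tree."""
    p_pump = demand_failure_prob(list(pool) + list(new_records))
    probs = {"PUMP_A": p_pump, "PUMP_B": p_pump, **OTHER}
    return analyze(TREE, probs)

if __name__ == "__main__":
    before = reanalyze(PUMP_POOL)
    after = reanalyze(PUMP_POOL, [("plant-4", 3, 300)])  # constructed report
    print(before, after, sep="\n")
```

The ranked cut sets show which combinations dominate the result, and re-running after a new failure report shows how much one data change moves the top-event probability.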
Watching Trends
Each failure becomes an input for a trend analysis. These analyses point the plant operators to procedures or equipment that may need more attention. By noting these trends, plant operators can reduce the potential for safety events while improving the overall reliability of systems and their components.
“By paying attention to trends, other plant operators can take actions to avoid similar issues, not only ensuring safety and reliability, but also reducing the chance of future failures,” said Zhegang Ma, the NRC operating experience data analysis project lead and a senior PRA engineer in the Regulatory Support Department.
Human errors are also counted in the reliability models. “If an operator failed to do something, we can come up with a probability of that failure,” Knudsen said.
The NRC already has a program to evaluate licensee event reports, which are publicly available and are scanned by utilities to see what issues other plants have seen. But Knudsen and his team turn those events from anecdotes into a foundation of integrated risk management.
“The NRC is aware of what’s going on at every plant, that’s for sure,” said Knudsen. “But the systematic approach to integrating the data gives insights that improve safety and reliability,” he said.
Determining what can go wrong at a power plant has had an immediate, observable benefit: it has helped utilities reduce the number of times that a plant “trips,” or automatically shuts down for safety reasons. Several decades ago, reactors used to trip several times a year; now they trip, on average, less than once a year. Avoiding these operational events can save money and increase safety.
“The cost of a nuclear plant trip can be more than a million dollars a day,” said Curtis Smith, INL’s Nuclear Safety and Regulatory Research division director.
Additionally, these analyses look at the possibility of a serious event, and the analyses from both the utilities and the NRC predict these potential events will occur very rarely.
“Having the ability to focus on events that are important to risk is a key part of the U.S. approach to risk-informed thinking,” said Smith. “As an industry, we can take care of important items and not be distracted by the ‘risk noise’ to ensure an ever-increasing safe and efficient power generation industry.”