Risk-informed periodic surveillance testing interval of digital safety systems with self-diagnosis capacity

摘要

Digital safety systems used in nuclear power plants (NPPs) consist of a great number of computer-based components. The primary purpose of safety systems is to shut down the reactor when monitored variables exceed the set-points. During the operation of NPPs, the reactor must be monitored and protected at any moment; therefore it is extremely important to keep the availability of safety systems in a high level. Periodic Surveillance Testing is a kind of preventive maintenance strategy applied in NPPs to determine whether the system can perform its designated function properly. The failure probability of components within the testing scope accumulates with time and brought down to zero after testing is carried out. Test-limited risk is calculated for each component which makes up the total risk contribution of safety systems. On the contrary, surveillance testing can incur some adverse effects denoted as test-caused risk contribution on safety systems, for example the unavailability of components during tests. Thus, an optimal test interval needs to be determined by trading off these two risk contributions. Some components might fail in a test interval which cannot be detected until the coming surveillance testing. To overcome this weakness, digital safety systems incorporate self-diagnosis capability. However, self-diagnosis has impacts on the test interval to some extent, which should be considered in the risk-informed test interval determination process. This paper firstly introduces the features of digital safety systems in NPPs and the process to determine risk-informed (RI) periodic surveillance testing interval. The test interval and its adjustments under self-diagnosis condition are then formulized based on risk-informed method. A case study is then given and the results are compared to show the influences of self-diagnosis capability on the test interval.