Title: Optimizing Information Automation Using a New Method Based on System-Theoretic Process Analysis: Tool Development and Method Evaluation

This report is an update to a prior report that describes progress and findings for a program of research supporting the design and optimization of information automation systems for nuclear power plants. Much of the domestic nuclear fleet is currently focused on modernizing technologies and processes, including transitioning toward digitalization in the control room and throughout the plant, along with a greater interest in the use of automation, artificial intelligence, robotics, and other emerging technologies. While there are significant opportunities to apply these technologies toward greater plant safety, efficiency, and overall cost-effectiveness, optimizing their design and avoiding potential safety and performance risks depends on ensuring that human performance-related organizational and technical design issues are identified and addressed early in the design process. This report describes modeling tools and techniques, based on sociotechnical systems theory, to support these design goals and their application in the current research effort. The report is primarily intended for senior nuclear energy stakeholders, including regulators, corporate management, and senior plant management. We have developed and employed a method to design an optimized information automation ecosystem (IAE) based on the systems-theoretic constructs underlying sociotechnical systems theory in general and the Systems-Theoretic Accident Modeling and Processes (STAMP) approach in particular. We argue that an IAE can be modeled as an interactive information control system whose behavior can be understood in terms of dynamic control, feedback, and communication relationships amongst the system’s technical and organizational components. We have employed two STAMP-based tools in this effort. The first is Causal Analysis based on STAMP (CAST), an accident and incident analysis technique that was used to examine a performance- and safety-related incident at an industry partner’s plant involving the unintentional activation of an emergency diesel generator. This analysis provided insight into the behavior of the plant’s current information control structure within the context of a specific, significant event. The second tool is Systems Theoretic Process Analysis (STPA) which is a proactive risk analysis tool used to examine existing and potential, planned sociotechnical systems. STPA was used to identify risk factors in the current design of a generic nuclear power plant (NPP) preventive maintenance system. Our analyses focused on identifying near-term system improvements and longer-term design requirements for an optimized IAE system. CAST analysis findings indicate an important underlying contributor to the incident under investigation, and a significant risk to information automation system performance, was perceived time and schedule pressure, which exposed weaknesses in interdepartmental coordination between and within responsible plant organizations and challenged the resilience of established plant processes, until a human caused the eventual event. These findings are discussed in terms of their risk to overall system performance and their implications for information automation system resilience and brittleness. STPA findings exposed several areas of concern in the design of current preventive maintenance systems. We also present two preliminary information automation models. The proactive issue resolution (PIR) model is a test case of an information automation concept with significant near-term potential for application and subsequent reduction in significant plant events. The IAE model is a more general representation of a broader, plantwide information automation system and represents an end-state vision for our work. From our results, we have generated an initial set of preliminary system-level requirements and safety constraints for these models. We have also focused on early development of easy to learn, easy to use “transportable” tools for sociotechnical systems analysis. We intend these to be used by NPP personnel as a means of gaining reliable and relatively quick insight into (1) sociotechnical systems factors impacting incidents and accidents, (2) potential sociotechnical risk factors in existing or planned system designs, and (3) potential weaknesses in a system’s safety and/or information control structure. We conclude the report with a set of summary recommendations, a discussion of planned and potential follow-on research and development, and a draft list of system-level requirements and safety constraints for optimized information automation systems.