Quantitative Risk Analysis of High Safety Significant Safety-related Digital Instrumentation and Control Systems in Nuclear Power Plants using IRADIC Technology

This report documents the activities performed by Idaho National Laboratory (INL) during fiscal year (FY) 2021 for the U.S. Department of Energy (DOE) Light Water Reactor Sustainability (LWRS) Program, Risk Informed Systems Analysis (RISA) Pathway, digital instrumentation and control (DI&C) Risk Assessment project. In FY-2019, the RISA Pathway initiated a project to develop a risk assessment strategy for delivering a strong technical basis to support effective, licensable, and secure DI&C technologies for digital upgrades/designs. An integrated risk assessment technology for the DI&C systems (IRADIC technology) was proposed for this strategy, which aims to (1) provide a best-estimate risk-informed capability to quantitatively and accurately estimate the safety margin obtained from plant modernization, especially for the High Safety Significant Safety-related (HSSSR) DI&C systems, (2) develop an advanced risk assessment technology to support transition from analog to DI&C technologies for nuclear industry, (3) assure the long-term safety and reliability of vital HSSSR DI&C systems, (4) reduce uncertainty in costs and support integration of DI&C systems in the plant. To achieve these technical goals and deal with the expensive licensing justifications from regulatory insights, the IRADIC technology is instructive for nuclear vendors and utilities to effectively lower the costs associated with digital compliance and speed industry advances by: (1) defining an integrated risk-informed analysis process for DI&C upgrade, including hazard analysis, reliability analysis, and consequence analysis, (2) applying systematic and risk-informed tools to address common cause failures (CCFs) and quantify responding failure probabilities for DI&C technologies, particularly software CCFs, (3) evaluating the impact of digital failures at the individual level, system level, and plant level, (4) providing insights and suggestions on designs to manage the risks; thus, to support the development, licensing, and deployment of advanced DI&C technologies on nuclear power plant (NPPs). In this report, an approach for performing software CCF analysis, given limited data, is developed and demonstrated using a case study of a highly redundant digital reactor trip system. Consequence analysis is also performed based on different accident scenarios. Results indicate that plant modernization including the improvement of HSSSR DI&C systems will make great benefits to plant safety by providing more safety margins to accident management. In addition, a novel approach is proposed in this report for the quantification of software hazards when sufficient operational and testing data available. The method incorporates software development quality as well as strong analysis techniques to identify and link software defects to potential failure modes. The approach includes both semantic and test-based analysis to detect failures that can exist in different stages of the software development life cycle. This method is applied to an advanced human system interface relevant to reactor trip safety developed from the APR 1400 design.