ENEA’s Virtual e-Seminar FPN- RADCASS Unit

New Research Ideas2008

Super-Safety Constrains for Nuclear On-Line Super-Safety Constrains for Nuclear On-Line Monitoring StrategyMonitoring Strategy

Adam Maria Gadomski, Massimo Sepielli, Corrado Kropp

Italian National Research Agency ENEA, FNPResearch Center Casaccia ,

0123 Roma, Italy

adam@casaccia.enea.it, sapielli @ casaccia.enea.it ,

ENEAOct. 13, 2008

Super-Safety Nuclear Integrated Management and On-Line Monitoring Strategy

Super-Safety Nuclear Integrated Management: a Super-Safety Nuclear Integrated Management: a new vision of safetynew vision of safety

ENEAOct. 13, 2008

Rationality

The safety of potentially high-risk and large humans-technology systems, such as nuclear power plants, becomes nowadays the problem of not only classical engineers focused on the improvements of technological solutions reliability.

The possible consequences of disasters and involving together technological, environmental and human factors, are more and more jeopardise for modern societies.

On the other hand, an individual social safety and security have became one of the critical requirements of sustainable development, for industrial managers, policy makers and stakeholders.

Super-Safety Nuclear Integrated Management: a Super-Safety Nuclear Integrated Management: a new vision of safetynew vision of safety

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

Presentation OutlinePresentation Outline

• Introduction: • Super-Safety – Why and What is it• Identification Plant supervision lifecycle• On-Line Monitoring Strategy from NSSS viewpoint• Top-down Methodology in work - New Challenger

• Final comments:

ENEAOct. 13, 2008

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

- Stop to nuclear energy was continued in Italy 15 years from referedum in Nov. 1987

- New national policy on Nuclear Energy - Available new technological solutions- New social requests and democratic pressure

2008ENEA

New advanced research New advanced research responses relate to the integrated life cycle of plant nuclear systems:

- Production & Technologies, - Economy of exploitation, - Production & Technologies, - Economy of exploitation, - - Integrated Super-SafetyIntegrated Super-Safety

ENEA/S Responses

IntroductionIntroduction Italian situation

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

ENEA Oct. 13, 2008

Super-Safety (SS) –What is it?Super-Safety (SS) –What is it?

SS is the unified and complete supervision of critical systems its dynamic functions and consequences involved in the operators and managers decisions.

SS is a total protection extendend in time and space, as well as related to the cause-consequences propagation managed together in technological, cognitive and socio-organizational layers

SS has to satisfy current society requirements related to its self and the environment safety (on sustaiability level)

New tasks New technologies

+ New social constrains

----------------------------------------- New RTD approach is necessary

SS Strategy SS Strategy (SSS)(SSS)

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

SS Strategy (SSS) SS Strategy (SSS) is systemic strongly interdisciplinary design and managerial approach.

SSS is a methodological framework for systemic design and integrated socio-cognitive and technological

management

SSS paradigms SSS paradigms are constrains for the top-down detailed SS specification and concrete management of human-technology aggregate.

ENEAOct. 13, 2008

The objectiveThe objective of SSS is to obtain and maintain SS.

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

SS Strategy (SSS) SS Strategy (SSS) is a methodological framework for systemic integrated design and socio-cognitive and technological management

SSS paradigms SSS paradigms are meta-models and constrains for the detailed design and concrete management of human-technology aggregate.

SSS top-constrainsSSS top-constrains: Feasibility for the SS realization, internal Congruence i.e. lack of conflicts, and Completness of specifications on every level of managerial competences.

ENEA/SOct. 13, 2008

How it can be achived?How it can be achived?

SSS has to be total, intelligent and computer supported (IDSSs) Tool: the TOGA meta-theory framework (1994)

SAFETY: Four layers of safety building

The systemic socio-cognitive TOGA meta-theory (Top-down Object-based Goal-oriented Approach) is applied to the meta-modelling of the problem.

Applying TOGA, we distinguished 4 layers of safety building from the operator goal-oriented points of view:

• (1) natural safety, it employs only the safety properties of physical processes engaged in the system external functions.

• (2) critical safety; it is realized by the shut-down of the system functions under critical conditions. An automatic switch-off equipment is installed.

• (3) controlled safety; a supervision of safety-indicating variables and the model-based regulation of their control variables (in open and close loops) are realized.

• (4) super-safety; an integrated supervision of the controlled safety is performed, the models employed in the controlled safety layer can be modified according to the managerial preferences of the object/process owner or some external normative requirements.

An intrinsically safe nuclear technology is included in the safety analysis in the

above defined layers.

Super-Safety Constrains for Nuclear On-Line Monitoring Strategy

Allocation of nuclear On-Line Monitoring Strategy (OLMS) in frame of SSS

Operational Supper Safety

Policy-Making Supper Safety

Technological Supper Safety

Human-technology & Organizational Safety

Top-down Approach

… On-Line Monitoring Strategy ?

Operational Supper-Safety

Intelligent Operational Supper Safety (IOSS)

IOSS is Safety managed by plant operator + intelligent computerised support

IOSS may apply the TOGA formal frames(Top-down Object-based Goal-oriented Approach, Gadomski, 93) :

Main schemes:

Intelligent Agent (IA) Interaction Activity Domain

Actiity Domain Specification conceptualization framework:

IA Goal Task IA World

System Process Function Design-Goal

Goal from operator SS perspective : Operator monitoring viewpoint

Function status monitoring

System status monitoring

Process status monitoring

Components & Variables verification

Most important!

Models and Computer support are needed

MIND

Organization

Controlled Nuclear Plant

Control and Measurement System (in-core, …)

Computer Console System

Physical environment

Psycho-social environment

System-based Perspective : Plant Context, Operator Level

Cognitive Interactions

Human operator

Constrains

Machine Organization

Casaccia Research Center, May 24, 2005 A.M.Gadomski, M.Sepielli

Proces-based representation in SSS

Production process

Strategic D-M activity

Maintaining process

Fuel providing process

Control process

Managementactivity

Waste neutralization process

DESIGN

ENVIRONMENTAL PROCESSES (natural and human)Managementa

ctivity

Managementactivity

Managementactiity Managementactiity

Production process

Strategic D-M activity

Maintaining process

Fuel providing process

Control process

Managementactivity

Waste neutralization process

DESIGN

ENVIRONMENTAL PROCESSES (natural and human)Managementa

ctivity

Managementactivity

Managementactiity Managementactiity

Production process

Strategic D-M activity

Maintaining process

Fuel providing process

Control process

Management activity

Waste neutralization process

DESIGN

ENVIRONMENTAL PROCESSES (natural and human)

Management activity

Management activity

Managementactiity Management actiity

Energy providing process

Types of posssible loss of safety: external, structural/material, processual, functional, goal-dependent, they refer to every mentioned processes

Activity or process with human component

…

The processes and activities network which should be safe for their envirinments and for themself.

Function-based Representation

Operational

Super-Safety

Monitoring:Anomalies

dedection

DiagnosisPrediction:

What-ifDecision Making

Decomposition

Situational safety assessment: it is a system diagnostics relied on identification of existing or possible lack of safety (LOS), i.e. threats; by detection of losses generation, and risk assessment

Intervention (removing of lack of safety)

Processes are monitored by their measured and observed attributes (A):

System state depends on variables and parameters S (v,p),

Model-supported functional Interpretation design of OLMS

Design-Goal

Functions & servicies

Processes

System & components

Attributes/ properties/Indicators

Models of processes & safety margins

Detection of LOS

Design-Goal

Functions & servicies

Processes

System & components

Attributes/ properties/Indicators

Models of processes & safety margins

Detection of LOS

Conceptual Design: Progation of IPK during modelling and design

Extended Operational monitoring: Progation of IPK during plant operation.

ENEA’s SPECIFIC INTERESTS

1. New Approach to Intelligent Console NetworkIntelligent Console Network for Nuclear Supper Safety

2. Suggested initiative: to propose for UE and IAEA the organization of:

European Network of the Research and Consulting Centers for the development of Super-Safety & High Intelligent Nuclear Operations

Grid (SSHINO).

This new SS Strategy should:

- include in the safety operation human management and organization responsibility

- extend the concept of safety on the emergency propagation in space and time

- adapt technology to humans by high-intelligent ICT support network.

Operational Super-Safety mission . ENES intents to follow two main closely interdependent RTD directions:

- 1. Nuclear integrated super safety management

- 2. High intelligence add network for design, planning and operations.

ENEA’s SPECIFIC INTERESTENEA’s SPECIFIC INTEREST

Casaccia Research Center, May 24, 2005 A.M.Gadomski, M.Sepielli

The both are seen from the perspectiveperspective of the development of SINAC development of SINAC

Super-safety Intelligent Network of Add ConsolesMore advanced interdysciplinary Italian studies of SINAC oriented are in progress and could be an important subject of international debates/negotiations and a research workshop.

Among others, they refere to:

- Core dynamics control - Robustness of software grids

- Operator tasks and behaviours - Intelligent Decision-support

- Cognitive operators’ errors - Abnormalities and

-- Organization barriers/pathologies Emergency Management.

• Thank you for your attention