A review of defences against common cause failures in reactor protection systems

Redundancy is essential for achieving fault tolerance and higher dependability attributes. Redundancy by means of replication of identical units is widely used and, under the assumption of random (independent) failures, it proves to be beneficial. But common cause failures (CCFs) are a threat to such redundancy schemes, because a single shared cause can defeat every replicated unit at once. With the increasing use of computer-based/electronic programmable systems in critical applications, CCFs are becoming major contributors to system failures. The paper briefly reviews the phenomenon of CCFs, their potential sources, triggering mechanisms, propagation and defence measures. It also reviews CCF models and comments on their limitations. A reactor protection system (RPS) is one of the safety-critical systems in a nuclear power plant (NPP). A computer-based RPS of a new NPP is taken as the CCF case study. The system design is analyzed for its capability in preventing/reducing potential sources and triggering mechanisms, and for its barriers against propagation of CCFs. The paper compares the CCF defence mechanisms employed in the new RPS with those of two other recent RPSs of two reputed NPPs - AP1000 and Areva.
