A survey on the use of PRA to support failure tolerance analyses

The purpose of STUK’s YVL Guide B.1 is to assure that a nuclear power plant’s systems, structures and components are designed and dimensioned in such a way that they are able to perform their function in all scenarios they are supposed to. A central requirement concerning this is failure tolerance, which informally means that a failure cannot spread across the system:the system will fill safety requirements even though some parts of it have failed. Failure tolerance analysis (FTA) is a framework to organize individual analyses that demonstrate this for some given part of the system to a systematic and comprehensive whole.To clarify the concept of FTA, and the potential role of probabilistic risk assessments (PRA) as a part of it, a survey was conducted among the Finnish nuclear power companies and STUK.This report describes the result of that survey.There are several requirements in YVL B.1 whose fulfilment can be demonstrated by FTA. In their answer, STUK gives a list of examples, and notes that FTA can be used in the treatment of requirements in some other YVL guides, too.The experience on FTA varies from company to company. Fennovoima has not conducted FTA yet but will do so as a part of construction license application. Fortum has conducted FTA for plant modifications, and to the scope of the modifications only. TVO has conducted a top-level FTA for OL1 and OL2, failure modes and effects analysis for PRA, and certain other analyses for some systems; for OL3, several systems have been analysed in the FTA framework.From STUK’s reply it is clear that PRA is not a promising approach to support FTA, because in PRA it is generally assumed that systems can fulfil their function if no part of it has failed, whereas the purpose of FTA is to demonstrate this.The repliers also present some ideas and views concerning the scope and properties of a method for FTA. These will help future development work in FTA.