22
NuclearPlantJournal.com Nuclear Plant Journal, March-April 2014
robotic) scanning devices deliver high-
precision images but at higher cost.
Since 2009, EPRI has been leading
the development of an “acoustic mouse”
system to deliver handheld convenience
and high-quality imaging at reduced
cost. Early-stage R&D has focused
on integrating the position-tracking
capabilities required for handheld
scanning with advances in:
Ultrasonic migration techniques
to characterize internal features in
metallic components.
Focusing methods to enable spatially
resolved
image
reconstruction
with reduced data processing
requirements.
Sparse-array transducers to allow
full-matrix capture with a reduced
number of sensing elements.
In 2013, advanced ultrasonic probes
and data processing and analysis tools
were applied for volumetric inspection
of test specimens. Results indicate that
sparse-array transducers are capable of
imaging a large volume from a single,
stationary position with good resolution
and that the number of beam-forming
elements used in today’s UT probes could
be decreased by 50% or more without
degrading image quality. These findings
could support substantial reduction in
the complexity of future NDE devices,
producing cost savings.
During 2014, image reconstruction
based on single-pass, multi-directional,
and multi-positional scanning will
be evaluated, as will sparse-array
transducers containing just 32 elements –
with the potential of providing ultrasonic
signals equivalent to 64 element probes.
In addition, a functional acoustic
mouse system prototype will be tested
on component mockups. NDE system
manufacturers are expected to begin
integrating EPRI-developed innovations
in commercial products for field
demonstration and qualification testing
in 2015.
Contact: Mark Dennis, telephone:
Hazard Analysis
A new hazard analysis method could
help engineers identify and manage
potential vulnerabilities before a digital
system is put into operation.
The lack of practical and effective
hazard analysis methods for digital I&C
systems can adversely affect design,
risk assessment, and licensing efforts
involving digital equipment. Results
can include undesired and costly plant
transients, increases in system costs and
complexity without commensurate safety
benefits, and inadequate support for
designs that can improve dependability
and reduce overall risk. Early awareness
of potential vulnerabilities would enable
I&C system engineers to design such
vulnerabilities out of the system.
EPRI is investigating a novel method
called systems theoretic process analysis
(STPA) that appears to be much better
suited to digital I&C systems than
traditional approaches. Developed by the
Massachusetts Institute of Technology,
STPA starts with a focus on identified
losses, such as disabling a safety
function or an inadvertent plant trip. It
then systematically uncovers hazardous
control actions (including failures) that
can lead to the identified losses under
normal, abnormal and faulted operating
conditions. It does not limit the analysis
to component failures in the way that
traditional approaches do; it also considers
designed-in behaviors that could become
problematic under abnormal conditions.
An example would be a protective feature
designed to automatically shut down a
system if it detects a problem, which
could cause an undesired shutdown
under some set of unexpected conditions
if the problem is misinterpreted. This is
particularly important for complex digital
systems, because a significant percentage
of mishaps involve undesired behaviors
that occur under unanticipated or untested
operating conditions.
One of the examples developed
during the EPRI study demonstrated
STPA’s potential. In applying the method
to the control system for a safety-related
turbine-driven pump, the project team
identified an abnormal condition under
which the system would inadvertently
shut itself off, with no component
failures, and in the presence of a valid
safety actuation signal. Unbeknown to
the STPA analysts, the real plant system
actually experienced this unwanted
behavior during a periodic test, which
only by happenstance revealed the design
flaw that created the hazardous control
action. Although the STPA analysts
were not experts in the control system,
they were able to find this flaw more
easily than with traditional methods.
Finding such vulnerabilities early in the
design process enables such issues to be
resolved more simply, efficiently, and
cost-effectively.
STPA is still evolving, and more
work is needed before nuclear plants can
fully realize its benefits. Future EPRI
projects will develop software tools for
managing the large data sets produced
in the analysis, conduct demonstration
projects using actual nuclear plant
systems, and develop training materials.
Contact: Ray Torok, telephone: (650)
855-2310, email:
.
Source: Electric Power Research
Institute’s (EPRI) Nuclear Executive
Update, January 2014.
Research &
Development...
STPA systematically reveals the
presence of control flaws and the
potential for undesired control
actions.
