Methodologies for the probabilistic risk assessment of digital reactor protection and control systems

Nuclear power plants are in the process of replacing the existing analog instrumentation and control (I&C) systems with digital technology. Digital systems distinguish themselves from other control and instrumentation systems mainly due to the presence of active software/ firmware as well as hardware. The U.S. Nuclear Regulatory Commission policy statement on the use of probabilistic risk assessment (PRA) methods in nuclear regulatory activities encourages licensees to use PRA and associated analyses to support the licensing applications to the extent supported by the state-of-the-art and data. Before digital system reviews can be performed in a risk-informed manner, PRAs will need the capability to model digital I&C systems. The available methodologies for the reliability and risk modeling of digital I&C systems are reviewed with respect to their capability to account for the features of the digital I&C systems relevant to digital reactor protection and control systems, as well as the integrability of the resulting model into an existing PRA. It is concluded that the methodologies that rank as the top two with most positive features and least negative or uncertain features (using subjective criteria based on reported experience) are the dynamic flowgraph methodology and the Markov methodology combined with the cell-to-cell mapping technique, each with different advantages and limitations.