Activity name PROSAFE - Prolonged time windows and safe states
Project summary

The objective of the project is to improve the quality of probabilistic and deterministic safety assessment methods with respect to safe and stable state definition, assessment of long time windows, including human reliability analysis in long time window scenarios, crediting repair and modelling different time windows. The work is divided into five work packages (WPs).

- WP1 Information collection
The questions raised in the request for a project proposal are all related to the fundamental issue that safety demonstration, both probabilistic and deterministic, is model-based, and models mean simplifications of the real world. For instance, the definition for safe state is a critical issue for safety analyses but it is difficult to define unanimously. To specify the objectives and scope of the project and to position the research questions in the overall DSA&PSA framework, it is necessary to initiate the project with a WP that collects information from the stakeholders and literature and synthesizes the results into a problem formulation that provides boundary conditions for the further project. The stakeholders’ questionnaire and literature study cover the topics safe state, acceptance criteria, success criteria, mission time, HRA methods (especially regarding long time window), crediting recoveries and repairs. One aim is also to collect examples of cases which are considered problematic from the safety assessment point of view.
The result of WP1 is a deliverable that compiles results of the survey and provides a problem formulation and examples for other tasks of the project. WP1 will also result in a decision regarding the scope of model developments in 2019 and 2020.


- WP2 Safe, stable end state
WP2 is devoted to the finding agreeable definition of safe and stable end state, which is applicable for various safety assessment contexts in nuclear safety management. Results of the survey of WP1 will be first compiled to a proposal for the definition (2019 task) that is submitted to stakeholders for commenting and that is applied in PSA method developments (WP3) and tested in pilot studies (WP4). In 2020, based on feedback from stakeholders and preliminary experience from pilot studies, the definition will be revised.

- WP3 PSA methods
WP3 is mainly divided into two parts:
 HRA – how to account for long available time
 PSA – In which way can/should the PSA be adjusted to account for safe state definition
The parts of the project are related, but not fully. The human error probability (HEP) estimation has already been identified as an issue with current time windows considered in the PSA. The PSA related part is mainly related to what is defined as a safe state.

The method development should cover the definition of long time window considering the required time, available time and their ratio. In general the probability of a human failure event (its included cognitive part and/or execution part) will be lower when the available time is much longer. It is also foreseen that some sort of limiting HEPs should be defined, considering the uncertainties. When there are much longer available times, the potential new human actions should also be discussed, e.g. recovery actions, repair actions and their dependencies with existing actions.
The PSA part will follow the safe state definition, but it is expected that the project will investigate and develop methods to cope with different mission times in different scenarios. In case of longer mission times the conservatism in the analysis may increase, and therefore it is expected that it may be relevant to consider repair. Another issue is that success criteria can change in time, e.g. from 2-out-of-4 to 1-out-of-4. Fuel pool cooling analysis is an example where it is expected that longer mission times would be relevant. It may also be expected that external events could challenge the normal mission time in PSA. In addition, it can be worth considering shorter than 24 h mission time for some safety functions. The HRA and PSA method developments should be pilot study driven, to focus the method development and discussion on the relevant areas.

- WP4 PSA pilot studies
The purpose of the pilot studies is to evaluate the feasibility of the proposed methods in WP3. Pilot studies will be started early in the project. Real case studies can point out significant issues for the method development work of WP3. Pilot studies are carried out in close cooperation with the utilities, which are the owners of PSA models.
WP4 will report publicly general results from pilot studies. Details such as numerical results will not be reported publicly.

- WP5 Meetings, dissemination and management
WP5 is responsible for the overall management of the project including coordination of the activities, progress reporting, arrangement of meetings, and preparation of plans.


Lead organisation Risk Pilot AB
Contact person Stefan Authén,


