Integrated Safety and Security Analysis of Nuclear Power Plants Using Dynamic Event Trees

Nuclear security relies on the method of vital area identification (VAI) to determine which locations within the nuclear power plant (NPP) need to be protected from radiological sabotage. The VAI methodology uses fault trees (FTs) and event trees (ETs) to identify locations in the NPP that contain vital equipment: structures and components that may result in reactor significant core damage if direct or indirect sabotage occurred. However, the traditional FT/ET process cannot fully capture the dynamics of NPP systems and mitigating measures at play. Existing safety systems or possible operator procedures may be able to avert or mitigate core damage despite the loss of one or more vital areas. Dynamic probabilistic risk assessment (DPRA) methodologies are those that, unlike traditional probabilistic risk assessment, explicitly consider time effects when modeling a system. One common DPRA methodology is that of the use of dynamic event trees (DETs) that drive computer models of a system with user-specified branching conditions to account for uncertainties in a scenario. The DPRA process allows analysts to explore the uncertainties and state space of a scenario in a systematic fashion. A scenario was developed that uses the novel leading simulator/trailing simulator methodology to perform a DET analysis of a combined nuclear safety and nuclear security analysis. The scenario under consideration models the successful sabotage of a vital area by adversaries and determines the effects of timing and the extent of sabotage, as well as possible recovery actions, on the state of the plant. The results of this integrated analysis include the timing and extent of core damage as well as the extent of any radiological release that may occur as a result of sabotage.