Abstract (English)

A nuclear power plant is an example of a highly complex technical system in which nuclear technology is applied to generate electricity. The complexity of the nuclear power plant system is reflected not only in its construction, but also in the functional maintenance processes during operation, which must satisfy the highest safety requirements. Complex nuclear power plant systems are usually perceived as a regulated whole of elements divided into smaller subsystems and separate components. The structural organisation is commonly hierarchically complex because of the numerous functional bonds between the subsystems and components. The hierarchical sequence of elements of the nuclear power plant system is observed at the functional level, for the purpose of performing the intended functions during operation, which we call the holistic approach. Eliminating errors in the design or during the exploitation of a complex technical system such as a nuclear power plant requires large human and financial resources. When an incident emerges in a complex nuclear power plant system, finding its causes and removing its consequences often demands significant financial funds, human resources and time. Therefore, prediction, early detection and prevention of incidents are extremely important throughout the life cycle of a nuclear power plant. Activities performed throughout the life cycle are closely linked to the reliability analysis of the system and are most often carried out by assessing the risks in the nuclear power plant system and its subsystems. One of the questions raised during the exploitation of a nuclear power plant is the reliability of the system elements required to meet the highest safety requirements.
This means that, at the level of the hierarchical organisation, it is necessary to determine for all elements of the nuclear power plant system the probability that they operate within the given time frames, in the expected manner and under strictly defined operating conditions. The problem of determining the probability of system operation is addressed by reliability theory, and the aim of this work is to apply the laws of reliability theory to improve the fault tree method for the qualitative and quantitative reliability assessment of the nuclear power plant system. For the laws of reliability theory to be applied, the nuclear power plant system must be formally described at the abstract level of a model, and an unambiguous mapping between the two records must be provided. The description of the nuclear power plant system is based on determining the structural function of the system, which indicates the functional connection between its constituent elements (subsystems, components). By observing the simple states {works, does not work} of the elements of the structural function and associating probabilities with these events, we introduce an elementary link to reliability theory; in other words, we define a probabilistic model of the functioning of the nuclear power plant system. It should be noted that this approach is not restricted to the nuclear power plant system but is applicable to other technical systems as well. The main task of the reliability analysis of a nuclear power plant system is the risk assessment of the entire system and of its most significant subsystems. One of the most relevant approaches for accomplishing this task is to build a fault tree model that describes undesirable events in the system and its subsystems. A fundamental activity in the application of the fault tree method is the decomposition of the top event into simpler events down to a selected level, beyond which no further analysis is required.
Terminating events that are considered indivisible are called basic events and are usually associated with failures of basic system components. The fault state of a basic component is described by a simple logical variable. The possibility of a component transiting from an operational state to a fault state is measured by assigning a transition probability. Two types of analysis are carried out on the probabilistic model defined in this way:
• Quantitative analysis: calculation of the probability of the top event by defining a function of the probabilities of the basic events, and determination of probabilistic parameters (importance measures) for the system components.
• Qualitative analysis: determination of the minimal sets of basic events leading to the top event, and of their properties.
It is well known that, for software solutions to succeed on a complex fault tree model, it is necessary either to reduce accuracy, which can be unacceptable for critical systems, or to simplify the model significantly to a level of detail at which more precise calculations can be carried out. The complexity of the fault tree model stems basically from the complexity of representing the logical function that the fault tree expresses. Different conventional techniques for representing logical functions do not necessarily meet the requirements for representing the fault tree model. More recently, binary decision diagrams (BDDs) have gained popularity in various engineering disciplines. The structure of binary decision diagrams proves extremely effective for representing logical functions that contain sub-function sharing, i.e. sub-functions used multiple times in the definition of the logical function. However, the usability of BDD-based tools in reliability analysis is directly related to the size of the BDD representation.
Determining the optimal size of a BDD representation falls into the category of the most difficult problems and has been approached intensively with approximate procedures that do not have to provide optimal solutions. Since the size of the BDD representation of the fault tree model is determined by the order of the basic events from which the model is formed, the problem is attacked suboptimally by applying heuristic methods. Accordingly, this doctoral dissertation introduces a new heuristic method for determining the order of basic events, whose purposefulness and applicability have been verified on realistic fault tree examples from the model of the Krško nuclear power plant. In simple words, the main thesis lies in finding an effective BDD representation of the fault tree model with which exact analyses can be carried out on realistic examples from the nuclear power plant, without diminishing accuracy and without reducing the model. Because of the complexity of the problem, results from different fields of applied science have been used. For verifying and confirming the applicability of the developed algorithms, it is necessary to use results of the mathematical apparatus from several branches:
• complexity theory, for analysing the complexity of the developed or used algorithms;
• mathematical logic, for connecting logical functions with fault tree models;
• probability theory, for establishing the basic relationships in the evaluation process of the fault tree.
Beside the mathematical apparatus, results from reliability theory establish the connection with formal models of complex systems. Most important is the linking of the system model to results from probability theory on reliability models of complex systems. Further, the concept of a logical function and its interpretation on the system model, in the form of minimal path sets and minimal cut sets, plays an important role.
The basic tool for evaluating the system model in nuclear power plants is the fault tree, and the question of the complexity of its analysis (qualitative and/or quantitative) is tied to the complexity of representing logical functions with BDDs. In the chapter dedicated to the BDD representation, the basic features of BDD representations are introduced through the structure of a directed graph with two terminal nodes. The uniqueness property of the BDD representation (canonical form) of a logical function is shown, as is, with respect to canonical forms, how the complexity of logical operations on a BDD representation depends on the number of nodes in the graph structure. Beyond the basic logical operations on BDD representations, the ZDD modification is introduced, which enables a unique record of sets and allows easy operation on combinations of sets, especially for representing and operating on large sets of minimal cut sets. In addition, using a simple characterisation of minimal cut sets for coherent fault trees, the application of BDD representations to determine the complete set of minimal cut sets (the MCS set) has been implemented and demonstrated. Definitions of importance measures have been derived and an algorithm for calculating conditional probability on the MCS set has been developed; the latter enables the values of all importance measures for the basic events of the fault tree to be determined. Beside the importance measures, an algorithm for selecting minimal cut sets according to a given criterion (in the form of predicates), as well as algorithms for assessing two bounds on the top event probability, have been developed for comparison with the conventional quantitative fault tree analysis approach.
The developed algorithms and their implementation on the BDD representation of the fault tree enable the evaluation process to be carried out on the complete MCS set, without any reduction of the set and without any approximate approaches to the problem. The thesis shows that the properties of the BDD representation can be used to solve problems in the fault tree evaluation process efficiently. However, a key precondition for applying the BDD representation in the evaluation process is the determination of the order of basic events. This problem receives the most attention in the dissertation, which shows that, by applying the newly developed heuristic algorithm, the evaluation process can be performed even for the most complex fault tree models. The basis of the new heuristic is an algorithm for combining the existing orders of the inputs to a gate. This algorithm forms a new order of basic events for the gate, taking into account their positions and the possibility of the same event appearing in different input orders of that gate. Where the basic events of the input orders do not overlap, the simple situation is solved by an algorithm for functions with a single occurrence of each variable. The more complex situation, in which the orders overlap, is solved by comparing the number of basic event nodes in the BDD representation. Since the new heuristic forms the order sequentially in some input order and is sensitive to the choice of that order, it is applied a limited number of times to the inputs of the gate. The best order obtained by this procedure is further improved by Rudell's sifting method, which proved effective for the largest fault tree models. The entire procedure for the fault tree is carried out in the order of gates that follows from a depth-first traversal of the model.
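The following Python program is an added example and is not code from the dissertation, from KIRAP, or from any tool the abstract names; it illustrates, on a small constructed fault tree, the BDD-based evaluation the preceding paragraphs describe and the quantitative algorithms listed among the contributions below: building the reduced ordered BDD of the top event by a depth-first traversal of the gates, how the node count depends on the order of basic events (an exhaustive search over all orders is included, which is feasible only for a toy model and is exactly why a heuristic is needed for real models), the exact top-event probability read off the BDD, the complete MCS set of a coherent fault tree by a recursion over the BDD, the two cut-set bounds (rare-event approximation and min-cut upper bound), and the Birnbaum importance measure. The gate structure, event names a to e and their failure probabilities are constructed; the algorithms are the textbook versions (Shannon-expansion apply with a unique table, the standard cut-set recursion for coherent functions), not the thesis's own ordering heuristic.

```python
from itertools import permutations
from math import prod

# Constructed coherent fault tree: gate -> (type, inputs); non-gate names are basic events; G3 is shared.
FAULT_TREE = {
    "TOP": ("AND", ["G1", "G2"]),
    "G1": ("OR", ["a", "b", "G3"]),
    "G2": ("OR", ["c", "G3"]),
    "G3": ("AND", ["d", "e"]),
}
P = {"a": 0.01, "b": 0.02, "c": 0.05, "d": 0.1, "e": 0.1}  # constructed failure probabilities

class BDD:
    """Reduced ordered BDD with a unique table; node ids 0 and 1 are the terminals."""
    def __init__(self, order):
        self.rank = {v: i for i, v in enumerate(order)}  # position of each basic event
        self.table = [None, None]  # id -> (var, low, high)
        self.unique = {}           # (var, low, high) -> id
        self.memo = {}             # apply cache

    def mk(self, var, low, high):
        if low == high:             # redundant test: drop the node
            return low
        key = (var, low, high)
        if key not in self.unique:  # one node per (var, low, high): canonical form
            self.unique[key] = len(self.table)
            self.table.append(key)
        return self.unique[key]

    def apply(self, op, f, g):
        """AND/OR of two BDDs by Shannon expansion on the topmost variable."""
        if f in (0, 1) or g in (0, 1):  # terminal cases: t is the terminal operand
            t, other = (f, g) if f in (0, 1) else (g, f)
            return (other if t == 1 else 0) if op == "AND" else (1 if t == 1 else other)
        key = (op, f, g)
        if key not in self.memo:
            (vf, f0, f1), (vg, g0, g1) = self.table[f], self.table[g]
            v = vf if self.rank[vf] <= self.rank[vg] else vg
            if vf != v: f0 = f1 = f  # f does not depend on v at this level
            if vg != v: g0 = g1 = g
            self.memo[key] = self.mk(v, self.apply(op, f0, g0), self.apply(op, f1, g1))
        return self.memo[key]

def build_top(order, tree=FAULT_TREE):
    """Top-event BDD by a depth-first traversal of the gates; each gate is built once and reused."""
    bdd, cache = BDD(order), {}
    def go(name):
        if name not in cache:
            if name not in tree:  # basic event
                cache[name] = bdd.mk(name, 0, 1)
            else:
                op, inputs = tree[name]
                r = go(inputs[0])
                for x in inputs[1:]:
                    r = bdd.apply(op, r, go(x))
                cache[name] = r
        return cache[name]
    return bdd, go("TOP")

def size(bdd, root):
    """Non-terminal nodes reachable from root: the quantity an ordering heuristic minimises."""
    seen, stack = set(), [root]
    while stack:
        n = stack.pop()
        if n > 1 and n not in seen:
            seen.add(n)
            stack.extend(bdd.table[n][1:])
    return len(seen)

def best_order(variables=("a", "b", "c", "d", "e")):  # exhaustive search: toy models only
    return min((size(*build_top(list(o))), list(o)) for o in permutations(variables))

def prob(bdd, root, p):
    """Exact top-event probability: p(v)*P(high) + (1-p(v))*P(low) at each node."""
    memo = {0: 0.0, 1: 1.0}
    def go(n):
        if n not in memo:
            v, lo, hi = bdd.table[n]
            memo[n] = p[v] * go(hi) + (1 - p[v]) * go(lo)
        return memo[n]
    return go(root)

def mcs(bdd, root):
    """MCS of a coherent function: {v} + a high-branch cut set is minimal unless it contains a low-branch cut set."""
    memo = {0: [], 1: [frozenset()]}
    def go(n):
        if n not in memo:
            v, lo, hi = bdd.table[n]
            low = go(lo)
            memo[n] = low + [s | {v} for s in go(hi) if not any(t <= s for t in low)]
        return memo[n]
    return go(root)

def cut_set_bounds(cuts, p):
    """Rare-event approximation and min-cut upper bound 1 - prod(1 - P(cut)); coherent: exact <= MCUB <= rare-event."""
    q = [prod(p[v] for v in c) for c in cuts]
    return sum(q), 1 - prod(1 - x for x in q)

def birnbaum(bdd, root, p, v):  # Birnbaum importance: P(top | v failed) - P(top | v working)
    return prob(bdd, root, {**p, v: 1.0}) - prob(bdd, root, {**p, v: 0.0})

if __name__ == "__main__":
    bdd, root = build_top(["a", "b", "c", "d", "e"])
    print(size(bdd, root), prob(bdd, root, P), [sorted(c) for c in mcs(bdd, root)], best_order())
```

On this tree the order a, b, c, d, e gives a 5-node BDD while d, a, e, b, c gives 7 nodes for the same function; the probability, the MCS set and the bounds are identical for both, which is the point of the abstract's separation between the representation (whose size the ordering heuristic controls) and the evaluation carried out on it.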
The approach has been verified by evaluating fault tree examples from the literature and realistic examples from the model of the Krško nuclear power plant. The thesis shows that, with the order obtained, a quantitative and qualitative evaluation can be carried out in full without any approximate calculations. Moreover, the results achieved (accuracy, completeness) show the applicability of the approach to realistic examples with a run time comparable to that of the conventional approach. The scientific contributions of the thesis can be divided into three basic units:
1. The development of an algorithm for determining the order of variables needed to find BDD representations of a complete fault tree or event tree in probabilistic reliability analyses of power systems. Starting from a model of a logical function with a single occurrence of each variable, an algorithm was developed that finds the order of basic events in the Boole-Shannon expansion of the logical function represented by the fault tree. The principal idea of the new heuristic is to apply the recursive relation from the paper to those gates of the fault tree whose record is a logical function with a single occurrence of each variable, while on the other gates the technique of searching for the best permutation of the inputs, based on an assessment of the size of the gate's BDD record, is applied. To reduce the search space, different fault tree simplification techniques are applied with the aim of enlarging the part of the fault tree whose logical function has a single occurrence of each variable. During the formation of BDD representations for gates in more complex fault tree models, the dynamic reordering technique, which swaps adjacent logical variables, is additionally applied. The new heuristic is applied successively to the gates in the order given by a depth-first traversal of the fault tree model. For the most complex models, the order for top events is optionally improved dynamically.
2. The improvement of the qualitative and quantitative fault tree analysis of complex nuclear power systems by applying a complete calculation of the BDD record of the model, using the order of basic events given by the new heuristic. The qualitative analysis of the fault tree has been improved in the selection of a part of the MCS set from the complete set of minimal cut sets according to adjustable selection criteria. The difference from the conventional approach is that the selection is carried out on the entire MCS set, whereas in conventional approaches a part of the MCS set is selected by discarding elements during the calculation. For the quantitative analysis of the fault tree, the following algorithms have been developed:
• an algorithm for determining the probability of the top (or another) event from the complete MCS set in a BDD representation, with the default interpretation of the logical function represented by the fault tree;
• an algorithm for determining an upper bound on the probability of the top (or another) event from the complete set of minimal cut sets;
• an algorithm for determining an upper bound on the probability of the top (or another) event based on rare events, using the complete set of minimal cut sets.
3. The development of the application and the confirmation of the results obtained by comparison with the conventional approach. All algorithms in the thesis have been fully implemented in the software solution, and the correctness and accuracy of the algorithms have been verified by comparison with results obtained by the conventional approach. For the comparison with the conventional approach, the KIRAP software solution was used, since the choice of conventional solution does not affect the results.
In other words, a comparison with another conventional solution would give similar (most often identical) results, since the same approximate methods are used. This thesis raises questions for further research. Undoubtedly, the developed heuristic algorithm is not the final solution to the problem of ordering basic events in the fault tree model, but it is a step forward towards the application of the BDD method to real nuclear power plant models and to other technological fields. In this sense, modifications of the existing heuristic or the development of new heuristic algorithms are possible, exploiting the specifics of the fault tree models from the chosen domain. In addition, the scope of application of the BDD method can be extended to other problems relating to logical functions and to the problem of their efficient representation. It should also be noted that, since the evaluation in the BDD approach is carried out on the complete set of minimal cut sets, the possibility of functional analysis over the record of the MCS set arises. In other words, from the complete set of minimal cut sets it is possible to determine a logical function that shows how the model depends on a change in the probability of a basic event, or of an evaluated event (gate), or of combinations of them. In addition to such sensitivity analysis, functional dependencies between components can be obtained from the complete MCS set, for example failures that depend on the function they establish, or sequences of defects involving components. A further interesting area for research is the application of BDD representations to dynamic fault trees. This application requires extensions of the implementation, especially in determining the order for priority gates and implementing them by means of binary decision diagrams.
Another interesting research problem is finding minimal forms of arbitrary logical functions; in particular, determining the minimal record of a non-coherent fault tree. Some progress has already been made in this direction, but there is still room for research, especially for logical functions with hundreds (or thousands) of logical variables. Apart from the practical application of the BDD method, theoretical questions about the properties of BDD representations also remain open, particularly the properties of BDD representations for certain classes of logical functions, such as the logical functions used in cryptography (e.g. bent functions) or in error detection and correction codes.