REG NASA SP-2011-3421-2011 Probabilistic Risk Assessment Procedures Guide for NASA Managers and Practitioners 2nd Edition.pdf

1、 NASA/SP-2011-3421 Second Edition December 2011 Probabilistic Risk Assessment Procedures Guide for NASA Managers and Practitioners Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-NASA Scientific and Technical (STI) Program . in Profile Since its foun

2、ding, NASA has been dedicated to the advancement of aeronautics and space science. The NASA scientific and technical information (STI) program plays a key part in helping NASA maintain this important role. The NASA STI program operates under the auspices of the Agency Chief Information Officer. It c

3、ollects, organizes, provides for archiving, and disseminates NASAs STI. The NASA STI program provides access to the NASA Aeronautics and Space Database and its public interface, the NASA Technical Report Server, thus providing one of the largest collections of aeronautical and space science STI in t

4、he world. Results are published in both non-NASA channels and by NASA in the NASA STI Report Series, which includes the following report types: TECHNICAL PUBLICATION. Reports of completed research or a major significant phase of research that present the results of NASA Programs and include extensiv

5、e data or theoretical analysis. Includes compila tions of significant scientific and technical data and information deemed to be of continuing reference value. NASA counter-part of peer-reviewed formal professional papers but has less stringent limitations on manuscript length and extent of graphic

6、presentations. TECHNICAL MEMORANDUM. Scientific and technical findings that are preliminary or of specialized interest, e.g., quick release reports, working papers, and bibliographies that contain minimal annotation. Does not contain extensive analysis. CONTRACTOR REPORT. Scientific and technical fi

7、ndings by NASA-sponsored contractors and grantees. CONFERENCE PUBLICATION. Collected papers from scientific and technical conferences, symposia, seminars, or other meetings sponsored or co-sponsored by NASA. SPECIAL PUBLICATION. Scientific, technical, or historical information from NASA programs, pr

8、ojects, and missions, often concerned with subjects having substantial public interest. TECHNICAL TRANSLATION. English-language translations of foreign scientific and technical material pertinent to NASAs mission. Specialized services also include organizing and publishing research results, distribu

9、ting specialized research announcements and feeds, providing help desk and personal search support, and enabling data exchange services. For more information about the NASA STI program, see the following: Access the NASA STI program home page at http:/www.sti.nasa.gov E-mail your question via the In

10、ternet to helpsti.nasa.gov Fax your question to the NASA STI Help Desk at 443-757-5803 Phone the NASA STI Help Desk at 443-757-5802 Write to: NASA STI Help Desk NASA Center for AeroSpace Information 7115 Standard Drive Hanover, MD 21076-1320 Provided by IHSNot for ResaleNo reproduction or networking

11、 permitted without license from IHS-,-,-NASA/SP-2011-3421 Probabilistic Risk Assessment Procedures Guide for NASA Managers and Practitioners NASA Project Managers: Michael Stamatelatos, Ph.D., and Homayoon Dezfuli, Ph.D. NASA Headquarters Washington, DC Second Edition December 2011 Provided by IHSNo

12、t for ResaleNo reproduction or networking permitted without license from IHS-,-,-Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-ii i Acknowledgments The individuals responsible for this document, who managed this project, and were also authors are:

13、Michael Stamatelatos, NASA Headquarters (HQ), Washington, DC, and Homayoon Dezfuli, NASA HQ, Washington, DC The following individuals, listed in alphabetic order, are principal contributors to the present and/or previous edition of this document: George Apostolakis, previously at Massachusetts Insti

14、tute of Technology (MIT), now at United States Nuclear Regulatory Commission (NRC) Chester Everline, NASA Jet Propulsion Laboratory (JPL) Sergio Guarro, Aerospace Corporation Donovan Mathias, NASA Ames Research Center (ARC) Ali Mosleh, University of Maryland (UMD) Todd Paulos, Alejo Engineering Davi

15、d Riha, Southwest Research Institute Curtis Smith, Idaho National Laboratory (INL) William Vesely, NASA HQ Robert Youngblood, INL Additional contributors to this or the previous version of this document are: Harold Blackman, Ron Boring, and David Gertman, INL; Scott Dixon and Michael Yau, ASCA Inc.;

16、 Parviz Moieni, Southern California Edison; Hamed Nejad, Science and Technology Corp.; Pete Rutledge, Quality Assurance Frank Groen and Faith Chandler, NASA HQ; Ken Gee, ARC; Susie Go, ARC; Scott Lawrence, ARC; Ted Manning, ARC; Patrick McCabe and Kurt Vedros, INL; and Shantaram Pai, Glenn Research

17、Center. Reviewers who provided comments on the drafts leading up to this revision are: Allan Benjamin and Christopher Everett, Information Systems Laboratories; Tim Barth, NASA Engineering and Safety Center (NESC); Mark Bigler, Johnson Space Center (JSC); Michael Blythe, NESC; Roger Boyer, JSC; Alfr

18、edo Coln, NASA HQ; Charles Ensign, Kennedy Space Center (KSC); Amanda Gillespie, KSC; Teri Hamlin, JSC; Curtis Larsen, JSC; Mike Lutomski, JSC; Mark Monaghan, KSC; Bruce Reistle, JSC; Henk Roelant, JSC. Document available from: NASA Center for AeroSpace Information National Technical Information Ser

19、vice 7115 Standard Drive 5301 Shawnee Road Hanover, MD 21076-1320 Alexandria, VA 22312 443-757-5802 703-605-6000 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-ii Provided by IHSNot for ResaleNo reproduction or networking permitted without license f

20、rom IHS-,-,-iii Contents Acknowledgments i Acronyms and Abbreviations xviii 1. Introduction . 1-1 1.1 Purpose and Scope of This Procedures Guide . 1-2 1.2 Knowledge Background . 1-3 1.3 Application Recommendation 1-3 1.4 References 1-3 2. Risk Management . 2-1 2.1 Definition of Risk 2-1 2.2 Risk Man

21、agement at NASA . 2-2 2.2.1 Risk-Informed Decision Making Process (RIDM) . 2-4 2.2.2 Continuous Risk Management (CRM) 2-7 2.3 References 2-11 3. Probabilistic Risk Assessment Overview 3-1 3.1 Historical Background 3-1 3.1.1 Design Basis Evaluation vs. Risk Evaluation . 3-1 3.1.2 From Regulation Base

22、d on Design Basis Review to Risk-Informed Regulation 3-2 3.1.3 Summary of PRA Motivation 3-3 3.1.4 Use of PRA in the Formulation of a Risk-Informed Safety Case (RISC) 3-4 3.1.5 Management Considerations . 3-4 3.2 Example . 3-5 3.2.1 Propellant Distribution Module Example 3-5 3.2.2 Selected Results 3

23、-6 3.2.3 High-Level Application of Results . 3-8 3.2.4 Summary 3-9 3.3 Elements of PRA . 3-10 3.3.1 Identification of Initiating Events . 3-11 3.3.2 Application of Event Sequence Diagrams and Event Trees . 3-13 3.3.3 Modeling of Pivotal Events . 3-17 3.3.4 Quantification of (Assignment of Probabilit

24、ies or Frequencies to) Basic Events 3-19 3.3.5 Uncertainties: A Probabilistic Perspective 3-21 3.3.6 Formulation and Quantification of the Integrated Scenario Model . 3-23 3.3.7 Overview of PRA Task Flow . 3-25 3.4 Summary . 3-26 3.4.1 Current State of Practice 3-26 3.4.2 Prospects for Future Develo

25、pment . 3-27 3.5 References 3-27 4. Scenario Development . 4-1 4.1 System Familiarization 4-1 4.2 Success Criteria 4-3 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-iv 4.2.1 Mission Success Criteria 4-3 4.2.2 System Success Criteria 4-4 4.3 Develop

26、ing a Risk Model . 4-5 4.3.1 IE Development 4-7 4.3.2 Accident Progression . 4-10 4.3.3 Fault Tree Modeling . 4-17 4.4 References 4-20 5. Data Collection and Parameter Estimation . 5-1 5.1 PRA Parameters 5-1 5.2 Sources of Information 5-3 5.2.1 Generic Data Sources 5-3 5.2.2 System-Specific Data Col

27、lection and Classification . 5-5 5.3 Parameter Estimation Method . 5-9 5.4 Prior Distributions 5-10 5.5 Selection of the Likelihood Function 5-11 5.6 Development of the Posterior Distribution . 5-12 5.7 Sequential Updating 5-15 5.8 Developing Prior Distributions from Multiple Sources of Generic Info

28、rmation . 5-15 5.9 Guidance for Bayesian Inference Calculations 5-16 5.10 References 5-16 6. Uncertainties in PRA . 6-1 6.1 The Model of the World . 6-1 6.2 The Epistemic Model . 6-2 6.3 A Note on the Interpretation of Probability . 6-3 6.4 Presentation and Communication of the Uncertainties . 6-7 6

29、.5 The Lognormal Distribution . 6-8 6.6 Assessment of Epistemic Distributions 6-10 6.6.1 Bayes Theorem . 6-10 6.6.2 A Simple Example: The Discrete Case . 6-11 6.6.3 A Simple Example: The Continuous Case . 6-12 6.6.4 Conjugate Families of Distributions 6-15 6.7 The Prior Distribution . 6-17 6.8 The M

30、ethod of Maximum Likelihood 6-18 6.9 References 6-19 7. Modeling and Quantification of Common Cause Failures 7-1 7.1 Importance of Dependence in PRA . 7-1 7.2 Definition and Classification of Dependent Events 7-1 7.3 Accounting for Dependencies in PRAs 7-2 Provided by IHSNot for ResaleNo reproductio

31、n or networking permitted without license from IHS-,-,-v 7.4 Modeling Common Cause Failures . 7-4 7.5 Procedures and Methods for Treating CCF Events . 7-6 7.6 Preliminary Identification of Common Cause Failure Vulnerabilities (Screening Analysis) . 7-6 7.6.1 Qualitative Screening . 7-6 7.6.2 Quantit

32、ative Screening . 7-8 7.7 Incorporation of CCFs into System Models (Detailed Analysis) 7-10 7.7.1 Identification of CCBEs 7-10 7.7.2 Incorporation of CCBEs into the Component-Level Fault Tree 7-11 7.7.3 Development of Probabilistic Models of CCBEs 7-13 7.7.4 Estimation of CCBE Probabilities . 7-15 7

33、.8 Generic Parameter Estimates . 7-16 7.9 Treatment of Uncertainties 7-17 7.10 References 7-18 8. Human Reliability Analysis (HRA) 8-1 8.1 Basic Steps in the HRA Process . 8-1 8.2 Classifications of Human Interactions and Associated Human Errors . 8-3 8.2.1 Pre-Initiator, Initiator, and Post-Initiat

34、or HSIs . 8-3 8.2.2 Skill, Rule, and Knowledge-Based Response 8-3 8.2.3 Error of Omission and Error of Commission . 8-4 8.3 General Modeling of Pre-Initiator, Initiator, and Post-Initiator HSIs in a PRA 8-4 8.4 Quantification of Human Interactions (or Errors) . 8-4 8.4.1 Qualitative Screening . 8-5

35、8.4.2 Quantitative Screening . 8-6 8.5 HRA Models 8-6 8.5.1 Technique for Human Error Rate Prediction (THERP) . 8-6 8.5.2 Cognitive Reliability and Error Analysis Method (CREAM) 8-11 8.5.3 Nuclear Action Reliability Assessment (NARA) 8-15 8.5.4 Standard Plant Analysis Risk HRA Method (SPAR-H) . 8-18

36、 8.6 Guidelines on Uses of HRA Models 8-21 8.7 HRA Examples 8-22 8.7.1 Example for a Post-Initiator HSI . 8-22 8.7.2 Example for a Pre-Initiator HSI . 8-25 8.8 References 8-28 9. Software Risk Assessment . 9-1 9.1 Concept of Software Risk and Related Definitions 9-2 9.1.1 Basic Definitions . 9-3 9.1

37、.2 Software Defects and Software Failures 9-3 9.2 Lessons Learned from Software Failures in Space Systems 9-5 9.3 Classification of Software Failures for Risk Modeling 9-8 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-vi 9.3.1 Conditional vs. Uncon

38、ditional Failures . 9-8 9.3.2 Recoverable vs. Mission-critical Failures . 9-9 9.4 Context-based Software Risk Model (CSRM) . 9-10 9.4.1 Conceptual Formulation . 9-10 9.4.2 Key Objectives and Characteristics of CSRM Application . 9-12 9.4.3 Application Process 9-15 9.4.4 Examples of Application . 9-1

39、7 9.4.5 CSRM Modeling Detail and Representation of Software Failure Modes 9-31 9.4.6 Software Risk Quantification 9-33 9.5 Use of Software Risk Information 9-39 9.5.1 Conditional Scenarios and Risk-informed Software Testing Strategies . 9-39 9.5.2 Integration of Results into Pre-existing PRA Models

40、9-40 9.6 Definitions 9-41 9.7 References 9-42 10. Physical and Phenomenological Models . 10-1 10.1 Role of Phenomenological Methods in Risk Assessment . 10-2 10.2 Phenomenological Modeling During the Design Process 10-2 10.3 Stress-Strength Formulation of Physical Models . 10-4 10.4 Range Safety Phe

41、nomenological Models 10-6 10.4.1 Inert Debris Impact Models. 10-7 10.4.2 Blast Impact Models . 10-8 10.4.3 Re-Entry Risk Models . 10-12 10.5 MMOD Risk Modeling 10-14 10.5.1 Risk from Orbital Debris . 10-14 10.5.2 MMOD Risk Modeling Framework 10-14 10.5.3 Probability of MMOD Impact PI10-15 10.5.4 Pro

42、bability of MMOD Impact Affecting Critical SV Components, PC/ I10-15 10.5.5 Probability of Critical Component Damage, PD/C10-16 10.6 Ground-Based Fire PRA 10-16 10.7 A Launch Vehicle Ascent Abort Model 10-23 10.8 Summary . 10-24 10.9 References 10-24 11. Probabilistic Structural Analysis 11-1 11.1 B

43、asic Concepts of Probabilistic Structural Analysis 11-1 11.2 Probabilistic Structural Response Modeling 11-2 11.2.1 Limit State Formulation 11-2 11.2.2 Assigning Uncertainty Models to Random Variables 11-4 11.3 Stress Versus Strength Modeling 11-4 11.3.1 Normal Distributions . 11-5 11.3.2 Lognormal

44、Distributions 11-6 11.4 Monte Carlo Simulation and Most Probable Locus Approaches . 11-8 Provided by IHSNot for ResaleNo reproduction or networking permitted without license from IHS-,-,-vii 11.5 Probabilistic Finite Element Approaches . 11-14 11.5.1 When Probabilistic Finite Element Analysis is Nee

45、ded 11-14 11.5.2 Mapping Random Variables to Finite Element Input 11-14 11.6 Probabilistic Fracture Mechanics . 11-15 11.6.1 Differences of Probabilistic Fracture Mechanics 11-16 11.6.2 When Probabilistic Fracture Mechanics is Needed 11-17 11.6.3 Probabilistic Characterization of Input Variables 11-

46、17 11.7 Probabilistic Structural Analysis Examples 11-19 11.7.1 Example of a Probabilistic Stress versus Strength Analysis 11-19 11.7.2 Example of a Probabilistic Finite Element Analysis 11-21 11.8 References 11-23 12. Uncertainty Propagation 12-1 12.1 Problem Statement for Uncertainty Propagation .

47、 12-2 12.1.1 How Does Sampling Work? . 12-3 12.1.2 Crude Monte Carlo Sampling . 12-4 12.1.3 Latin Hypercube Sampling . 12-4 12.2 Achieving Convergence . 12-5 12.3 Example: Uncertainty Propagation for an Accident Scenario Using LHS 12-6 12.4 Treatment of Epistemic Dependency 12-12 12.5 Epistemic Unce

48、rtainty in Phenomenological Models . 12-13 12.6 References 12-15 13. Presentation of Results . 13-1 13.1 Graphical and Tabular Expression of Results . 13-2 13.2 Communication of Risk Results . 13-3 13.2.1 Displaying Epistemic Uncertainties 13-3 13.2.2 Displaying Conditional Epistemic Uncertainties .

49、 13-4 13.2.3 Displaying Aleatory and Epistemic Uncertainties . 13-6 13.3 Importance Ranking 13-10 13.3.1 Importance Measures for Basic Events Only . 13-11 13.3.2 Differential Importance Measure for Basic Events and Parameters . 13-13 13.3.3 Example of Calculation of Importance Rankings 13-15 13.4 Sensi