• Nuclear Engineering and Technology
• /
• 제40권5호
• /
• pp.365-374
• /
• 2008

Dependability-critical systems, such as digital instrumentation and control systems in nuclear power plants, necessitate engineering techniques and tools to provide assurances of their safety and reliability. Determining system reliability at the architectural design phase is important since it may guide design decisions and provide crucial information for trade-off analysis and estimating system cost. Despite this, reliability and system engineering remain separate disciplines and engineering processes by which the dependability analysis results may not represent the designed system. In this article we provide an overview and application of our approach to build architecture-based, dynamic system models for dependability-critical systems and then automatically generate dynamic fault trees (DFT) for comprehensive, tool-supported reliability analysis. Specifically, we use the Architectural Analysis and Design Language (AADL) to model the structural, behavioral and failure aspects of the system in a composite architecture model. From the AADL model, we seek to derive the DFT(s) and use Galileo's automated reliability analyses to estimate system reliability. This approach alleviates the dependability engineering - systems engineering knowledge expertise gap, integrates the dependability and system engineering design and development processes and enables a more formal, automated and consistent DFT construction. We illustrate this work using an example based on a dynamic digital feed-water control system for a nuclear reactor.

• Nuclear Engineering and Technology
• /
• 제51권2호
• /
• pp.444-452
• /
• 2019

To assess the availability of a nuclear power plant's dynamic systems, it is necessary to consider the impact of dynamic interactions, such as components, software, and operating processes. However, there is currently no simple, easy-to-use tool for assessing the availability of these dynamic systems. The existing method, such as Markov chains, derives an accurate solution but has difficulty in modeling the system. When using conventional fault trees, the reliability of a system with dynamic characteristics cannot be evaluated accurately because the fault trees consider reliability of a specific operating configuration of the system. The dynamic reliability graph with general gates (DRGGG) allows an intuitive modeling similar to the actual system configuration, which can reduce the human errors that can occur during modeling of the target system. However, because the current DRGGG is able to evaluate the dynamic system in terms of only reliability without repair, a new evaluation method that can calculate the availability of the dynamic system with repair is proposed through this study. The proposed method extends the DRGGG by adding the repair condition to the dynamic gates. As a result of comparing the proposed method with Markov chains regarding a simple verification model, it is confirmed that the quantified value converges to the solution.

• Nuclear Engineering and Technology
• /
• 제54권12호
• /
• pp.4560-4570
• /
• 2022

Dynamic fault tree (DFT) and its related research methods have received extensive attention in safety analysis and reliability engineering. DFT can perform reliability modelling for systems with sequential correlation, resource sharing, and cold and hot spare parts. A technical modelling method of DFT is proposed for modelling ship collision accidents and loss-of-coolant accidents (LOCAs). Qualitative and quantitative analyses of DFT were carried out using the cutting sequence (CS)/extended cutting sequence (ECS) method. The results show nine types of dynamic fault failure modes in ship collision accidents, describing the fault propagation process of a dynamic system and reflect the dynamic changes of the entire accident system. The probability of a ship collision accident is 2.378 × 10^-9 by using CS. This failure mode cannot be expressed by a combination of basic events within the same event frame after an LOCA occurs in a marine nuclear reactor because the system contains warm spare parts. Therefore, the probability of losing reactor control was calculated as 8.125 × 10^-6 using the ECS. Compared with CS, ECS is more efficient considering expression and processing capabilities, and has a significant advantage considering cost.

• 정보처리학회논문지A
• /
• 제15A권3호
• /
• pp.151-154
• /
• 2008

서비스 이동과 자원 상태 변화 등 실행 환경 변화가 빈번히 발생하는 그리드 컴퓨팅 환경은 다양한 응용 프로그램 작업 환경을 지원하고 사용자에게 끊임없는 작업 환경을 보장하기 위하여 고가용성을 지원하는 미들웨어가 필수적으로 필요하다. 기존의 분산 환경 미들웨어 역시 고가용성 지원 서비스가 일부 연구자에 의해 진행되고 있으나 공개표준은 아니며 다양한 그리드 서비스에 대한 고려가 없다. 본 논문에서는 환경에 따라 적응하는 서비스 미들웨어 런타임 서비스 관리 시스템을 통해 자율적으로 작업 환경을 재구성하도록 하여 미들웨어의 가용성을 증대시키고 안정적으로 서비스의 계속성과 데이터 및 자료의 일관성을 보장하는 방법을 제시하고 프로토타입 Wapee(Web-Service based Application Execution Environment)를 통해 실제 환경에서 적용 가능성을 확인한다.

• 한국시스템다이내믹스연구
• /
• 제16권3호
• /
• pp.5-29
• /
• 2015

The importance of the concept of safety culture has increased in the security of high-risk facility after Chernobyl accident in 1986. This paper elaborated the concept of safety culture and its main factors by Causal Loop Diagram. Due to the decline of safety culture, the occurrence of incidents and accidents require more and more corrective actions to the members of high-risk facilities and thereby increasing their workloads. Employees who must complete the task within the given time have to have time pressures and don't comply with the rules and procedures. Also, a schedule pressure is a big stress for employees, causing mistakes in precision work. In order to improve these problems, CLD of the safety culture in this paper suggests hiring more workers, re-allocation of given workloads and strengthen the learning, communication capabilities and safety leadership. In addition, the two real accident cases were analyzed to test the feasibility of the System Dynamic simulation model through the process of structuring the fault trees on the stationary black out accident in Kori unit 1 in South Korea and Kleen Energy power station explosion in US. The simulation results show that the various safety factors cause the serious accident combined with mechanical failure and safety culture will reduce the possibility of the accidents in these high-risk organizations. This simulation model can contribute to analyzing the impact of the organizational and human factors of safety culture and can provide the alternatives in high-risk facilities.

• 한국정보과학회논문지:정보통신
• /
• 제34권2호
• /
• pp.120-133
• /
• 2007

전송-수신 쌍들을 연결하는 많은 수의 경로들로 이루어진 멀티캐스트 트리에서 네트워크 구성요소의 실패는 멀티캐스트 트리의 일부를 손상시킬 수 있다. 그러나 하나의 구성요소의 실패를 복구하기 위해 전체 멀티캐스트 트리를 다시 만드는 것은, 실패의 영향을 받지 않은 경로를 사용하는 그룹 멤버들까지도 서비스의 중단을 겪어야 하기 때문에 바람직하지 않다. 본 논문은 QoS 멀티캐스트 트리에서 재구성해야 할 영역을 줄이면서 재구성의 성공 가능성을 최대화하는 계획된 재구성(Pre-Planned Reconfiguration: PPR) 정책을 제안한다. PPR 방식은 멀티캐스트 트리의 전송-수신 쌍을 연결하는 각 경로에 재구성 경로를 미리 만들고, 이들 경로에 필요한 자원을 미리 예약해 둔다. 이를 위해 우리는 기존 멀티캐스트 트리의 변화를 최소화하며 손상되지 않은 부분들의 서비스를 최대한 유지하는 재구성 경로의 라우팅 방법을 고안하였으며, 효율적 자원 공유 방법을 사용하여 재구성 경로들을 위해 예약된(실패가 일어나지 않을 경우 사용되지 않는) 자원의 양을 줄인다. PPR 방식은 실패 복구를 위해 여러 멀티캐스트 세션들이 동시에 엄청난 경쟁을 하는 것을 막을 수 있다. 시물레이션을 통해 최단경로 라우팅을 사용하는 전송자 중심 멀티캐스트 트리와 공유 멀티 캐스트 트리에서 각각 성능을 평가한 결과 PPR 방식은 적당한 오버헤드내에서 모든 그룹 멤버들에게 성공적인 재구성을 제공한다. 또한 PPR 방식은 그룹 멤버쉽이 동적으로 변화할 때에도 잘 적응한다.