Risk-informed coordinated on-line test and maintenance for safety-critical standby instrumentation and control systems

There are two types of control systems in safety-critical applications: on-line regulation systems and standby safety (shutdown) systems. When a severe fault occurs, the standby systems will automatically begin to act to prevent any catastrophic consequences. However, the standby systems might not be completely reliable. Therefore, test and maintenance need to be performed to reveal any hidden failures. Current practice usually involves following the technical specifications given by the system manufacturers and tends to be conservative. A risk-informed coordinated maintenance framework for standby safety systems is developed in this thesis. There are three main components within this framework: (1) Probabilistic Safety Assessment (PSA), (2) Joint Failure Importance (JFI) and (3) unavailability and cost analysis. Firstly, the PSA is a widely adopted technique for analyzing safety systems. Currently, the results from the PSA are mainly used for regulatory purposes. This thesis investigates how to better utilize the information from PSA for maintenance-related decision-making. Secondly, because there are miscellaneous maintenance tasks in a complex utility, the coordination of maintenance work is of extreme importance. The JFI provides useful information on the interrelationship among the maintenance tasks. Furthermore, the notion of non-coherence becomes very important when it comes to scheduling the maintenance tasks. The JFI for non-coherent fault trees is investigated for the first time in the open literature. The last component of this framework is to investigate and to compare the performance of three test and maintenance strategies (corrective maintenance, preventive maintenance and predictive maintenance, all of which are performed on-line) for the k-out-of-n system which is a widely adopted configuration for standby safety systems. Sensitivity analyses are performed to reveal the effect of different parameters on the system performance. Thus a risk-informed coordinated on-line test and maintenance framework is formed. The Shutdown System Number One (SDS1) in Canadian Deuterium Uranium (CANDU) Nuclear Power Plants (NPPs) is used as an example to illustrate how this proposed maintenance framework functions.