Nuclear power plant (NPP) risk assessment is broadly separated into disciplines of nuclear safety, security, and safeguards. Different analysis methods and computer models have been constructed to analyze each of these as separate disciplines. However, due to the complexity of NPP systems, there are risks that can span all these disciplines and require consideration of safety-security (2S) interactions, which allows a more complete understanding of the relationship among these risks. A novel leading simulator/trailing simulator (LS/TS) method is introduced to integrate multiple generic safety and security computer models into a single, holistic 2S analysis. A case study is performed using this novel method to determine its effectiveness. The case study shows that the LS/TS method avoided introducing errors in simulation, compared to the same scenario performed without the LS/TS method. A second case study is then used to illustrate an integrated 2S analysis, which shows that different levels of damage to vital equipment from sabotage at an NPP can affect accident evolution by several hours.
Nuclear security relies on the method of vital area identification (VAI) to inform the sabotage target locations within a nuclear power plant (NPP) that need to be protected. The VAI methodology uses fault trees (FTs) and event trees (ETs) to identify locations in the NPP that contain vital systems, structures, or components. However, the traditional FT/ET process cannot fully capture the dynamics occurring following NPP sabotage or of mitigating actions. A methodology is presented which examines the consequences of sabotage to NPP systems using the dynamic probabilistic risk assessment approach to explore these dynamics. A force-on-force computer code determines the timing and extent of damage to NPP systems and a reactor response code models the effects of this damage on the reactor. These two codes are connected using the novel leading simulator/trailing simulator (LS/TS) methodology. A case study is created using the LS/TS methodology to model an adversary attack on an NPP. This case study models uncertainties in an adversary attack and in the response to determine if reactor core damage would occur, and the time to core damage, as well as the extent of core damage, if damage occurs.
Nuclear facilities in the U.S. and around the world face increasing challenges in meeting evolving physical security requirements while keeping costs reasonable. The addition of security features after a facility has been designed and without attention to optimization (the approach of the past) can easily lead to cost overruns. Instead, security should be considered at the beginning of the design process in order to provide robust, yet efficient physical security designs. The purpose of this work is to demonstrate how modeling and simulation can be used to optimize the design of physical protection systems. A suite of tools, including Scribe3D and Blender, was used to model a generic electrochemical reprocessing facility. Physical protection elements such as sensors, portal monitors, barriers, and guard forces were added to the model based on best practices for physical security. Two theft scenarios (an outsider attack and insider diversion) as well as a sabotage scenario were examined in order to optimize the security design. Security metrics are presented. This work fits into a larger Virtual Facility Distributed Test Bed 2020 Milestone in the Material Protection, Accounting, and Control Technologies (MPACT) program through the Department of Energy (DOE). The purpose of the milestone is to demonstrate how a series of experimental and modeling capabilities across the DOE complex provide the capabilities to demonstrate complete Safeguards and Security by Design (SSBD) for nuclear facilities.
Risk assessment of nuclear power plants (NPPs) is commonly driven by computer modeling which tracks the evolution of NPP events over time. To capture interactions between nuclear safety and nuclear security, multiple system codes, each of which specializes in one space, may need to be linked with information transfer among the codes. A systems analysis based on fixed-length time blocks is proposed to allow for such a linking within the ADAPT framework without needing to predetermine in which order the safety/security codes interact. A case study using two instances of the Scribe3D code demonstrates the concept and shows agreement with results from a direct solution.
This document details the development of modeling and simulations for existing plant security regimes using identified target sets to link dynamic assessment methodologies by leveraging reactor system level modeling with force-on-force modeling and 3D visualization for developing table-top scenarios. This work leverages an existing hypothetical example used for international physical security training, the Lone Pine nuclear power plant facility for target sets and modeling.