Vinh N. Dang

Bayesian belief networks for human reliability analysis: A review of applications and gaps

The use of Bayesian Belief Networks (BBNs) in risk analysis (and in particular Human Reliability Analysis, HRA) is fostered by a number of features, attractive in fields with shortage of data and consequent reliance on subjective judgments: the intuitive graphical representation, the possibility of combining diverse sources of information, the use the probabilistic framework to characterize uncertainties. In HRA, BBN applications are steadily increasing, each emphasizing a different BBN feature or a different HRA aspect to improve. This paper aims at a critical review of these features as well as at suggesting research needs. Five groups of BBN applications are analysed: modelling of organizational factors, analysis of the relationships among failure influencing factors, BBN-based extensions of existing HRA methods, dependency assessment among human failure events, assessment of situation awareness. Further, the paper analyses the process for building BBNs and in particular how expert judgment is used in the assessment of the BBN conditional probability distributions. The gaps identified in the review suggest the need for establishing more systematic frameworks to integrate the different sources of information relevant for HRA (cognitive models, empirical data, and expert judgment) and to investigate algorithms to avoid elicitation of many relationships via expert judgment.

Comparing the treatment of uncertainty in Bayesian networks and fuzzy expert systems used for a human reliability analysis application

The use of expert systems can be helpful to improve the transparency and repeatability of assessments in areas of risk analysis with limited data available. In this field, Human Reliability Analysis (HRA) is no exception, and, in particular, dependence analysis is an HRA task strongly based on analyst judgement. The analysis of dependence among Human Failure Events refers to the assessment of the effect of an earlier human failure on the probability of the subsequent ones. This paper analyses and compares two expert systems, based on Bayesian Belief Networks and Fuzzy Logic (a Fuzzy Expert System, FES), respectively. The comparison shows that a BBN approach should be preferred in all the cases characterized by quantifiable uncertainty in the input (i.e. when probability distributions can be assigned to describe the input parameters uncertainty), since it provides a satisfactory representation of the uncertainty and its output is directly interpretable for use within PSA. On the other hand, in cases characterized by very limited knowledge, an analyst may feel constrained by the probabilistic framework, which requires assigning probability distributions for describing uncertainty. In these cases, the FES seems to lead to a more transparent representation of the input and output uncertainty.

A Bayesian approach to treat expert-elicited probabilities in human reliability analysis model construction

In human reliability analysis (HRA), models are often used for the prediction of human error probabilities (HEPs), given a set of performance conditions, typically represented by ratings on a set of influencing factors. The relationships underlying these models (yielding HEPs for specific sets of factor ratings) should ideally be built on empirical data. However the derivation of these relationships in practice has to cope with limited availability of data, so that a strong component of expert judgment is always present. Nevertheless, the incorporation of expert judgment in HRA models is typically not done in a formal way, so that that it is often impossible to distinguish source data and judgments. In this context, this paper presents a Bayesian approach to aggregate expert estimates on human error probabilities to determine the relationships of an HRA model. The idea is to build a computable model using information from experts, provided as estimates. A numerical example demonstrates that the approach formally and transparently represents (and distinguishes) the inherent variability of the HEP quantity as well as that of the experts providing their estimates.

Using Expert Models in Human Reliability Analysis—A Dependence Assessment Method Based on Fuzzy Logic

In human reliability analysis (HRA), dependence analysis refers to assessing the influence of the failure of the operators to perform one task on the failure probabilities of subsequent tasks. A commonly used approach is the technique for human error rate prediction (THERP). The assessment of the dependence level in THERP is a highly subjective judgment based on general rules for the influence of five main factors. A frequently used alternative method extends the THERP model with decision trees. Such trees should increase the repeatability of the assessments but they simplify the relationships among the factors and the dependence level. Moreover, the basis for these simplifications and the resulting tree is difficult to trace. The aim of this work is a method for dependence assessment in HRA that captures the rules used by experts to assess dependence levels and incorporates this knowledge into an algorithm and software tool to be used by HRA analysts. A fuzzy expert system (FES) underlies the method. The method and the associated expert elicitation process are demonstrated with a working model. The expert rules are elicited systematically and converted into a traceable, explicit, and computable model. Anchor situations are provided as guidance for the HRA analysts judgment of the input factors. The expert model and the FES-based dependence assessment method make the expert rules accessible to the analyst in a usable and repeatable way, with an explicit and traceable basis.

Dynamic safety assessment: Scenario identification via a possibilistic clustering approach

Abstract Dynamic safety and reliability methodologies aim at quantitatively describing the integrated dynamic response of the systems/components/operating crew during an accident by combining the models of the underlying process dynamics and human operator actions with the stochastic processes governing the failure, repair and state transitions of components and systems. The amount of information produced by such dynamic analyses, in terms of scenarios and probability distributions of the occurring events, is very broad and usually calls for a significant effort in the post-processing phase. In an attempt to retrieve and organize this information, the present paper presents an approach for identifying and grouping the scenarios resulting from a dynamic system safety analysis. The aim is to single out the principal patterns of system evolution with respect not only to the final system states but also to the time of events and to the process evolution. Due to the burden of the analysis, this is often overlooked in dynamic safety analyses, which mainly focus on the system states at the end of the scenarios with little consideration given to the actual evolution of the system towards these states. Monte Carlo simulation is exploited for generating stochastic scenarios that are then grouped by combining information from the end state, the sequence of events and the physical behavior of the process variables. The grouping is based on possibilistic clustering classification. The approach has been tested on scenarios produced by dynamic simulation of a chemical batch reactor of literature in which a highly exothermic process is worked out.

MEASURING THE INFLUENCE OF TASK COMPLEXITY ON HUMAN ERROR PROBABILITY: AN EMPIRICAL EVALUATION

A key input for the assessment of Human Error Probabilities (HEPs) with Human Reliability Analysis (HRA) methods is the evaluation of the factors influencing the human performance (often referred to as Performance Shaping Factors, PSFs). In general, the definition of these factors and the supporting guidance are such that their evaluation involves significant subjectivity. This affects the repeatability of HRA results as well as the collection of HRA data for model construction and verification. In this context, the present paper considers the TAsk COMplexity (TACOM) measure, developed by one of the authors to quantify the complexity of procedure-guided tasks (by the operating crew of nuclear power plants in emergency situations), and evaluates its use to represent (objectively and quantitatively) task complexity issues relevant to HRA methods. In particular, TACOM scores are calculated for five Human Failure Events (HFEs) for which empirical evidence on the HEPs (albeit with large uncertainty) and influencing factors are available . from the International HRA Empirical Study. The empirical evaluation has shown promising results. The TACOM score increases as the empirical HEP of the selected HFEs increases. Except for one case, TACOM scores are well distinguished if related to different difficulty categories (e.g., “easy” vs. “somewhat difficult”), while values corresponding to tasks within the same category are very close. Despite some important limitations related to the small number of HFEs investigated and the large uncertainty in their HEPs, this paper presents one of few attempts to empirically study the effect of a performance shaping factor on the human error probability. This type of study is important to enhance the empirical basis of HRA methods, to make sure that 1) the definitions of the PSFs cover the influences important for HRA (i.e., influencing the error probability), and 2) the quantitative relationships among PSFs and error probability are adequately represented.

A dynamic event tree informed approach to probabilistic accident sequence modeling: Dynamics and variabilities in medium LOCA

In Probability Safety Assessments, accident scenario dynamics are addressed in the accident sequence analysis task. In an analyst-driven, iterative process, assumptions are made about equipment responses and operator actions and simulations of the scenario evolution are performed. To calculate how scenario dynamics and stochastic variabilities may affect the results of this process in terms of estimated risk, this work applies Dynamic Event Trees (DETs) to more comprehensively examine the accident scenario space. Alternative event tree models are developed and the core damage frequency is quantified to reveal the effects of different delineations of the sequences and of the bounding assumptions underlying success criteria. The results from a case study on Medium-break Loss of Coolant Accident scenarios in a Pressurized Water Reactor are presented, considering the break size, available injection trains, and the timing of rapid cooldown and the switchover to recirculation. The results show not only that estimated risk can be very sensitive to the numerous assumptions made in current accident sequence analysis but also that bounding assumptions do not always result in conservative risk estimates, thereby confirming the benefits that DETs provide in terms of characterizing scenario dynamics.

Conventional and dynamic safety analysis: Comparison on a chemical batch reactor

Dynamic safety analysis methodologies are an attractive approach to tackle systems with complex dynamics (i.e. with behavior highly dependent on the values of the process parameters): this is often the case in various areas of the chemical industry. The present paper compares analyses with Probabilistic Safety Assessment (PSA)/Quantitative Risk Assessment (QRA) methods with those from a dynamic methodology (Monte Carlo simulation). The results of a case study for a chemical batch reactor from the literature, overall risk figure and main contributors, are examined. The comparison has shown that, provided that the event success criteria are appropriately defined, consistent results can be obtained; otherwise important accident scenarios, identifiable by the dynamic Monte Carlo simulation, are possibly missed in the application of conventional methods. Defining such criteria was quite resource-intensive: for the analysis of this small system, the success criteria definitions required many system simulation runs (about 1000). Such large numbers of runs may not be practical in industrial-scale applications. It is shown that success criteria obtained with fewer simulation runs could have led to different quantitative PSA results and to the omission of important accident scenario variants.

Methods for building Conditional Probability Tables of Bayesian Belief Networks from limited judgment: An evaluation for Human Reliability Application

Abstract The present paper evaluates five methods for building Conditional Probability Tables (CPTs) of Bayesian Belief Networks (BBNs) from partial expert information: functional interpolation, the Elicitation BBN, the Cain calculator, Fenton et al. and Roed et al. methods. The evaluation considers application to a specific field of risk analysis, Human Reliability Analysis (HRA). The five methods are particularly suited for HRA models calculating the human error probability as a function of influencing factor assessments. The performance of the methods is evaluated on two simple examples, designed to test aspects relevant for HRA (but not exclusively): the representation of strong factor influences and interactions, the representation of uncertainty on the BBN relationships, and the method requirements as the BBN size increases. The evaluation underscores modelling limitations related to the treatment of multi-factor interdependencies and of different degrees of uncertainty in the factor relationships. The functional interpolation method is the least susceptible to these limitations; however, its elicitation requirements grow exponentially with the model size. Besides expert judgment, HRA applications of BBNs include the use of empirical data, combination of data and judgment, information from existing HRA methods: the building of the CPTs in these applications is outside the scope of the evaluation.

Quantification of Dynamic Event Trees – A comparison with event trees for MLOCA scenario

Abstract Dynamic event trees (DETs) provide the means to simulate physical system evolutions, the evolution of system states due to stochastic events, and the dynamic interactions between these evolutions. For risk assessment, the framework avoids the need to specify a priori the sequence of stochastic events prior to the plant response simulation and to iterate between the definition of the sequences and simulation of the responses. For nuclear power plants, DETs have been applied to treat scenarios up to core damage as well as post-core damage accident scenarios. The quantification of the frequencies of the sequences leading to the undesired system outcomes, while conceptually straightforward, faces several implementation issues. These include, for instance, the treatment of support system dependencies and of events characterized by a continuous aleatory variable. Some solutions to these issues are proposed and applied in a case study dealing with Medium Break Loss of Coolant Accident (MLOCA) scenarios. Additionally, the results obtained from DET quantification are compared with those estimated with a “classical” event tree model for these scenarios. This comparison provides some case-specific results on the impact of the improved modeling of dynamics on risk estimates.