Human Reliability Analysis - KOCWcontents.kocw.net/KOCW/document/2015/hanyang/jemuseong/9.pdf · 2016. 9. 9. · Human Reliability Analysis, 2015 Fall, RE The proposed characterization

Human Reliability Analysis, 2015 Fall, RE

Human Reliability Analysis

May 2015

Moosung Jae [email protected]


HUMAN ERROR RATES

SWAIN. A. D., AND A. G. GUTTMANN, HANDBOOK OF HUMAN RELIABILITY ANALYSIS WITH EMPHASIS ON NUCLEAR POWER PLANT APPLICATIONS, DRAFT REPORT, NUREG/CR-1278, OCTOBER 1980.

THE NUMBERS

“REPRESENT OUR BEST JUDGMENT BASED ON OUR EXPERIENCE IN

COMPLEX SYSTEMS (INCLUDING NUCLEAR POWER PLANTS) AND ON OUR BACKGROUND IN EXPERIMENTAL AND ENGINEERING PSYCHOLOGY. THIS NECESSITY OF RELYING ON JUDGMENT IS A REGRETABLES STATE OF AFFAIRS, BUT A START NEEDS TO BE MADE, AND THIS HANDBOOK IS A FIRST STEP TOWARDS WHAT IS REALLY NEEDED - A LARGE DATA BANK OF HUMAN PERFORMANCE INFORMATION DIRECTLY RELATED TO NUCLEAR POWER PLANT TASKS”


인간오류의 분류

Annunciationof AbnormalEvent

Correct Diagnosis Within Time Allowed

Correct DiagnosisNot Within Time Allowed

EachMisdiagnosisWithin TimeAllowed

Correct Post-Diagnosis Actions Within Time Allowed

Correct Post-Diagnosis Action Not Within Time Allowed

Incorrect Post-Diagnosis Actions

No Post-Diagnosis Actions Performed

RecoveryWithin Time Allowed

Recovery NotWithin Time Allowed

Incorrect Recovery

(Nearly all PRAs have ignored this potential success path)

F

S

F

F

F

F

F Key: S=Success PathF=Failure Path

No DiagnosisMade

No Recovery Attempted

F

F

ASEP Classification: Success and Failure Paths Following an Abnormal Event


Td

Tm

Ta

T0

Key

T0 - Annunciation (or other compelling signal) of an abnormal event

Tm - Estimated maximum allowable time to have correctly diagnosis the abnormal event and to have completed the required post- diagnosis actions so as to achieve system success criteria established by systems analysts

Td - Estimated allowable time for a correct diagnosis which will still

permit sufficient time to perform required post-diagnosis actions prior to Tm

Ta - Estimated time needed to get to proper locations and to perform required post-diagnosis actions after a correct diagnosis

진단 및 수행 허용시간


Diagnosis Human Error Rates


The proposed characterization of the expected human behavior is based on the following interpretations of Rasmussen’s definition:

•The behavior can be classed as skill-based if the operator is well trained , motivated to perform the task, and has experience in performing the task with no ambiguity.

•The behavior can be classed as rule-based if the operator has a clearly understood set of rules to follow in responding to a well understood transient or situation.

•The behavior can be classed as knowledge-based if the above do not apply or the operator must understand the condition of the plan, interpret some of the instrument readings, or make a difficult diagnosis.

NO

OperationRoutine

PersonnelWell Practiced

In Use of Procedure

Human BehaviorType

ProcedureUnderstood By

Personnel

ProcedureCoversCase

ProdedureNot

Required

Transient or OperationUnambiguously

Understood by Operator

YESSKILL

RULE

KNOWLEDGE

SKILL

SKILL

RULE

RULE

KNOWLEDGE

KNOWLEDGE


ZD : N

1 19

20N

1 6

7N

LD :

MD :

HD :

CD :

1

2N

1N

인간오류의 의존성


• ZERO DEPENDENCE (ZD) : “THE QUALITY OF PERFORMANCE, INCLUDING NON-PERFORMANCE, OF ONE ACTIVITY HAS NO EFFECT ON THE PERFORMANCE OF SUBSEQUENT ACTIVITIES.”

• LOW DEPENDENCE (LD) : “IT IS A CONVENIENT ASSUMPTION TO MAKE WHEN THE

DEPENDENCE BETWEEN ACTIONS IS CLEARLY GREATER THAN ZERO BUT NOT MUCH GREATER.”

• MODERATE DEPENDENCE (MD) : “A LEVEL OF DEPENDENCE BETWEEN LD AND HD.”

• HIGH DEPENDENCE (HD) : “IT IS A CONVENIENT ASSUMPTION TO MAKE WHEN THE

DEPENDENCE BETWEEN TWO ACTIONS IS NOT COMPLETE BUT IS DEFINITELY TOWARDS THE HIGHER END OF THE DEPENDENCE CONTINUM.”

• COMPLETE DEPENDENCE (CD) : “COMPLETE DEPENDENCE BETWEEN THE ACTIONS

OF TWO PEOPLE IS RARE, BUT NOT AS RARE AS ZD. CD BETWEEN TWO ACTIONS PERFORMED BY THE SAME PERSON IS MORE COMMON.”

인간오류의 의존성 종류


(1) THERP (Technique for Human Error Rate Prediction)

PHASE 1 : FAMILIARIZATION PHASE 2 : QUALITATIVE ASSESSMENT

PHASE 3 : QUANTITATIVE ASSESSMENT

PHASE 4 : INCORPORATION

PLANT VISIT

REVIEW INFORMATION FROM SYSTEM ANALYSTS

ESTIMATE THE RELATIVE EFFECTS OF PERFORMNCE

SHAPING FACTORS

TALK-ORWALK-THROUGH

TASK ANALYSIS

DEVELOP HRA EVENT TREES

ASSIGN NOMINAL

HEPs

ASSESS DEPENDENCE

DETERMINE SUCCESS AND FAILURE PROBABILITIES

DETERMINE THE EFFECTS OF

RECOVERY FACTORS

PERFORM A SENSITIVITY ANALYSIS,

IF WARRANTED

SUPPLY INFORMATION TO SYSTEM ANALYSTS


Human Error Probability for errors of commission in reading and recording quantitative information from un-annunciated displays

Item Display or Task HEP EF

(1) Analog meter .003 3

(2) Digital readout (< 4 digits) .001 3

(3) Chart recorder .006 3

(4) Printing recorder with large number of parameters 0.05 5

(5) Graphs .01 3

(6) Values from indicator lamps that are used as quantitative displays .001 3

(7) Recognize that an instrument being read is jammed, if there are no indicators to alert the user

Recording task : Number of digits or letters to be recorded

.1 5

(8) 3 .001 (per symbol)

3

(10) Simple arithmetic calculations with or without calculators .01 3

(11) Detect out-of-range arithmetic calculations .05 5


Examples

TASK

NRC HANDBOOK

ZION PRA

μ σ MEAN

ERRORS OF OMMISSION

1. CHANGE OR TAG, WRONG VALVE WHERE THE DESIRED VALVE IS ONE OF TWO OR MORE ADJACENT, SIMILAR APPEARING MANUAL VALVES, AND AT LEAST ONE OTHER VALVE IS IN THE SAME STATE AS THE DESIRED VALVE, OR THE VALVES ARE MOVs OF SUCH TYPE THAT VALVE STATUS CANNOT BE DETERMINED AT THE VALVE ITSELF.

5ⅹ10-3(2ⅹ10-3-2ⅹ10-2) -5.30 1.08 9ⅹ10-3

2. CHANGE OR RESTORE, WRONG MOV SWITCH OR CIRCUIT BREAKER IN A GROUP OF SIMILAR APPEARING ITEMS (IN CASE OF RESTORATION, AT LEAST TWO ITEMS ARE TAGGED).

3ⅹ10-3(10-3 -10-2)

-5.81

0.94

4.7ⅹ10-3

3. GENERAL ERROR OF COMMISSION IN A NON-PASSIVE TASKS SUCH AS MAINTENANCE, TEST, OR CALIBRATION WHEN WRITTEN PROCEDURES ARE USED

3ⅹ10-3(10-3 -10-2)

-5.81

0.94

4.7ⅹ10-3


TASK

NRC HANDBOOK

Z/IP PRA

μ σ MEAN

ERRORS OF OMMISSION

1. NONPASSIVE TASKS (MAINTENANCE, TEST, CALIBRATION); USING PROCEDURES WITH CHECKOFF PROVISIONS.

i. SHORT LIST (≤10 SPECIAL INSTRUCTION

ITEMS)

ii. LONG LIST ( >10 SPECIAL INSTRUCTION

ITEMS)

10-3(5ⅹ10-4-5ⅹ10-3)

3ⅹ10-3(10-3 -10-2)

-6.91

-5.81

1.26

0.94

2.2ⅹ10-3

4.7ⅹ10-3

2. PASSIVE TASKS SUCH AS WALK-AROUND INSPECTIONS.

i. FAILURE TO RECOGNIZE AN INCORRECT

STATUS WHEN CHECKING EACH ITEMS AS

HE LOOKS AT IT.

ii. FAILURE TO RECOGNIZE AN INCORRECT

STATUS WHEN CHECKING OFF SEVERAL

ITEMS AFTER LOOKING AT SEVERAL.

10-2(5ⅹ10-3-5ⅹ10-2)

10-1(5ⅹ10-2-5ⅹ10-1)

-4.61

-2.30

1.21

1.26

2.2ⅹ10-2

2.2ⅹ10-2


Errors of Commission

PSFs

Error with PSF

Displays Display Selection

Read/Record Quantitative

Check-Read Quantitative Control & MOV Selection &Use

Locally Operated Valves

Valve Selection

Stuck Valve Detection

Tagging Levels

Stress/Experience

Dependence

Complexity, etc


Quantification Example


Table for Diagnosis Human Error Rates

Item

T (Minutes ** after T0

+)

Median joint HEP

for diagnosis of a

single or the first

event

E

F

Item

T (Minutes ** after T0

+)

Median joint HEP

for diagnosis of a

single or the first

event

E

F

(1)

1

1.0

--

(7)

1

1.0

--

(2)

10

.5

5

(8)

10

1.0

--

(3)

20

.1

1

0

(9)

20

.5

5

(4)

30

.01

1

0

(10)

3

.1

10

(5)

60

.001

1

0

(11)

40

.01

10

(6)

1500(~1day)

.0001

3

0

(12)

70

.001

10

(13)

1510

.0001

30


K-HRA Concepts

비상직무

일상직무

비상직무

진단오류

비상직무

수행오류

일상직무

수행오류

스트레스

수준

기본진단

오류확률

기본수행

오류확률

작업성격

기본수행

오류확률

보 정

Factor: PSF

보정:타인복구

가능성

보정:타인복구

가능성

진단여유

시간

주관심작업

경보유무

교육/훈련수준

절차서수준 작업복잡도

동시작업

교육/훈련수준

절차서수준

시간긴급성

상황심각성

작업위험성

교육/훈련수준

작업복잡도

절차서유무

작업경력


보정 방법 사례 : 책임작업 여부, 경보유무, 교육/훈련 및 경력, 절차서 수준

주관심작업 보정값절차서 수준교육/훈련 수준경보유무

예

예

아니오아니오

상(1)

상(1)

상(1)

상(1)

중(3)

중(2)

중(2)

중(2)하(20)

하(5)

하(5)

하(5)

없음(10)

없음(10)

없음(10)

20.0

HEP=1.0

20.0

7.0

4.0

5.0

3.0

1.0

1/2

2.0

1.0

1/3

1/6

HEP=1.0


직무유형 결정사례

작업복잡도 절차서수준 교육/훈련수준 동시작업유무Dynamic or

Step-by Step

단순

조절

상, 중

상, 중

하, 없음

하

없음

있음

Dynamic

Step-by Step


스트레스 수준 결정사례

시간긴급성 상황심각성 작업위험성 교육/훈련 수준 작업경력 스트레스 수준

Extremely High

Extremely High

Extremely High

Very Low

Optimum

Moderately High

Extremely High

Moderately High

예

예

예아니오

아니오

아니오

상(1)

중(3)

하(10)

숙련(1)

숙련(1)

미숙련(3)

미숙련(3)


복구실패률 할당사례

직무유형 스트레스 수준 기본수행

오류확률

감독자 복구

실패확률

Step-by-Step Very LOW 0.006 0.1

Optimum 0.003 0.1

Moderately High 0.01 0.1

Extremely High 0.05 0.3

Dynamic Very LOW 0.02 0.1

Optimum 0.01 0.1

Moderately High 0.03 0.2

Extremely High 0.15 0.3


일상직무 구분 사례

작업복잡도 절차서유무 작업경력 보정값

단순(1)

복잡(3)있음(1)

있음(1)

없음(3)

없음(3)

숙련(1)

숙련(1)

숙련(1)

숙련(1)

비숙련(1)

비숙련(1)

비숙련(1)

비숙련(1)2.0

1/5

1.0

5.0

5.0

1.0

3.0

15.0


ASEP (Accident Sequence Evaluation Program)

A.D. Swain 개발 (NUREG/CR-4772, 1987)

THERP을 단순화 시킨 방법

오류확률평가의 기본구조 – 인간오류는 진단오류와 수행오류로 구분하여 평가

• 인간오류 = 진단오류(mistake)확률 + 수행오류(slip)확률

– 진단오류 확률은 진단 여유시간에 대한 함수로 평가

– 수행오류는 세부단위 수행절차로 분해하여, 각 단위 수행절차의 실패 가능성을 평가하여 합산함으로써 수행오류 확률을 평가


(Hannaman, 1984), 중요한 인간오류는 사고 발생후 운전원이 상황을 판단하는 인식/진단과정에서 발생하며, 인간오류 확률은 허용시간에 영향을 받는다는 가정 Simulator 실험을 통하여, 운전원의 Non-Response 확률을 얻기 위한 모형개발

인식과정에 따른 3 종류 time-reliability curve (weibull 분포) 존재

운전원의 상황판단에 영향을 미치는 중요인자 – 작업의 성격(Skill, Rule, Knowledge) – 작업허용시간, 평균작업시간 – 수행특성인자 (운전원의 숙련도, 스트레스, 정보전달상태)

인식과정 (Rasmussen) – Skill-based : 반사적인 반응이 이루어지는 작업 – Rule-based : 사건전개에 대한 명확한 이해. 대응절차 숙지 – Knowledge-based : 사건전개에 대한 명확한 파악 힘듬. 경험에 의한 대처

Simulator 자료 Weibull, Lognormal 등

HCR (Human Cognitive Reliability) Model


수행단계 – Task Analysis

• 작업성격 (skill, rule, knowledge) • 작업허용시간, 평균작업시간 • 수행특성인자, Ki (i: 운전원 숙련도, 스트레스정도, 정보전달 상태)

– 대상 작업의 인식과정 Weibull 분포의 계수값 결정

– 평균작업시간을 수행특성인자를 고려하여 수정 보정 평균작업시간(T1/2) = 평균작업시간(T*1/2)ⅹ(1+K1)ⅹ(1+K2) ⅹ(1+K3) – 수식을 통한 Non-Response 확률값 계산


수행특성인자 계수

– 운전원 숙련도 (K1) 1. Well-trained 2. Average knowledge training 3. Novice

– 스트레스 정도 (K2)

1. Situation of grave emergency 2. Situation of potential emergency 3. Active, no emergency 4. Low vigilance

– 정보전달상태 (K3)

1. Excellent 2. Good 3. Fair 4. Poor 5. Extremely

-0.22 0.00 0.44

0.44 0.28 0.00 0.28

-0.22 0.00 0.44 0.78 0.92


Typical HCR Curves


Weibull 분포 및 관련계수

– 인식과정과 관련 Weibull 분포 계수

1/ 21/ 2

/( / ) exp[ ( ) ]Ci

t T BiP t T

Ai

1/ 2( / )P t T

t

1/ 2T

where, : non-response probability

: 작업허용시간

: 수행특성인자를 고려한 평균작업시간

인식과정

Skill 0.407 0.7 1.2

Rule 0.601 0.6 0.9

Knowledge 0.791 0.5 0.8

Ai Bi Ci

– 인식과정과 관련 weibull 분포 계수


Similarity

Matching

Frequency Gambling

Evaluate Options.

Close Relevant Goal

Options Goal

Predict Consequences

In Terms of Goals and

Constraints

State Target

Identification of System State

Definition

of Task

Focuse Task

Observation,

Scanning for Cues

Planning of

Procedure

Alert

Procedure

Activation

of Attention Execution

of Acts

Heuristics,

Short-Cuts

SM과 FG 메카니즘


과제 내용 HEP 중앙값 오류인자 평균 HEP 자료출처1) 종속성2) CHEP3)

A 적절한 교정작업 준비. 0.003 3 0.00375 7, No. 3 - 0.00375

B 교정기 출력을 증가시키며, 디지털 전압계의 출

력을 기록함. 0.001 3 0.00125 10, No. 2 ZD 0.00125

C 교정기 출력을 증가시키며, 디지털 전압계의 출

력을 기록함. 0.001 3 0.00125 10, No. 2 HD 0.00625

D 수위전송기 LT960을 적절히 교정함. 0.001 3 0.00125 10, No. 2 ZD 0.00125

E 교정기 출력을 증가시키며, 디지털 전압계의 출

력을 기록함. 0.001 3 0.00125 10, No. 2 ZD 0.00125

F 교정기 출력을 증가시키며, 디지털 전압계의 출

력을 기록함. 0.001 3 0.00125 10, No. 2 HD 0.00625

G 수위전송기 LT960을 올바로 설치함. 0.001 3 0.00125 7, No. 1 ZD 0.00125

RWST 수위전송기 (LT960) 교정에 대한 수행과제분석과 운전원오류확률

1) 자료출처는 HRA 핸드북(NUREG/CR-1278) 제 20장의 표 번호와 항목번호를 나타낸 것임. 2) 종속성 : ZD - 무종속성, HD - 고종속성 3) CHEP : 조건부 운전원오류확률 (Conditional Human Error Probability)


The following system shown in Figure 1 is to deliver a chemical solution from Tank A to Tank B,

which, in turn, provides an active solution for radioacivity removal by the Containment Spray

Injection and Containment Spray Recirculation Systems. The following information is given:

a. Manual stop valves V1, V2, V5 and V6 are normally open

b. Motor operated valves V3 and V4 are normally closed. These two valves are opened automatically

by the Consequence Limiting Control System (not shown) issuing an electrical signal to the control

circuits of the two valves when the LOCA occurs. The chemical solution is then free to flow from A to

B under the influence of gravity

c. Only one of the two flow paths need be open for system success.

d. Each Motor Operated Valve is separately tested every month.

During the test both manual valves of the corresponding leg are closed.

(1) Find the probability that the two legs will fail to add chemical solution to Tank B upon demand.

State clearly your assumptions and the sources of your data.

(2) Identify the various contributions to this probability, e. g., human errors, hardware and test

contributions, etc. Neglect the common-cause failures.

HW#7


Fig. 1. An example system

Documents

Human Reliability Analysis - KOCWcontents.kocw.net/KOCW/document/2015/hanyang/jemuseong/9.pdf · 2016. 9. 9. · Human Reliability Analysis, 2015 Fall, RE The proposed characterization