1 / 15

Seismic Risk, Common Cause, and Failure Probability

Seismic Risk, Common Cause, and Failure Probability. When does multivariate probability = single- variate probability? Larry George, Problem Solving Tools January 20, 2013. Simplify Seismic R isk Analysis.

knoton
Télécharger la présentation

Seismic Risk, Common Cause, and Failure Probability

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Seismic Risk, Common Cause, and Failure Probability When does multivariate probability = single-variate probability?Larry George, Problem Solving ToolsJanuary 20, 2013

  2. SimplifySeismic Risk Analysis • Do you prefermultivariate (z1,z2,…,zk,m,S)or single-variate(z,m,s2’) for common cause? • Z = StressStrength • Failure probability =(z1,z2,…,zk,m,S) (Gaussian); • Z1, Z2,…, Zk are identically distributed and correlated • Positive correlation increases P[Zi = Zj] • Common cause or common-mode failure might make Z1 = Z2 =,…,= Zk= Z • Simplification works for copulas and for linear and affine transformations too: e.g. Z1 = a+bZ2

  3. Abstract for SRC 2013 www.stat.ucla.edu/src2013 • Seismic risk analysis computes P[cut sets] and P[cut set] = P[Xj > Yj] where component Xj is stress due to earthquake and Yj is component strength at failure • Wikipedia says “Common mode, or common cause, failure has a more specific meaning in engineering. It refers to events which are not statistically independent” • Stresses are dependent because they originate from the same earthquake • Like components may have dependent strengths at failures • Hierarchy of dependence: independent, dependent, correlated, equal random variables with some probability, identical non-random values of random variables • Nuclear industry avoids dependence in P[cut set] computations • EPRI (ASG) PRA recommends stress or strength correlation = 1.0 • NUREG/CR 6268 a-method focuses on combinations of common causes represented by single-variate failure probability for cut set • Karl Fleming likes mixture of Independent and single: (1a)P[X > Y]k+aP[X > Y] • What if correlated X1 = … = Xk = X or Y1 = … = Yk = Y? Then (z1,…,zk,m,S) = (z,m,s2’) with probability a of equal random variables • s2’= ((k1)r+1)s2/k for identically distributed Zj • Works for linear Z1 = a+bZ2 and affine transformations • Then P[cut set] = (1a)(z1,…,zk,m,S)+a(z,m,s2’) maybe (1a)(z,m,s2)k+a(z,m,s2’) if Z1-Zk are independent conditional on being unequal

  4. Outline • Philosophical origins:Reichenbachian common cause and other • Multivariate mechanical reliability, LOLP, and seismic risk • Common mode failures, common cause, and reliability • Bounds, approximations, and exact computations • How to simplify multivariate into single-variate normal computations

  5. Origins of “Common Cause” • Statistical correlation • Correlation = P[AB]  P[A]P[B] for binary events • Corr[X, Y] = E[(XmX)(YmY)] for random variables • Philosophical • Reichenbachian common cause “The Direction of Time” • P[AB|C]=P[A|C]P[B|C], P[AB|Cc]=P[A|Cc]P[B|Cc], P[A|C] > P[A|Cc], and P[B|C] > P[B|Cc] • C is a “screening” event • “Fallacy of the single cause” [Wikipedia] • Wikipedian: common mode failures (engineering) • “…events which are not statistically independent.”

  6. Reliability and Seismic Risk • Single variate • Mechanical failure model P[Stress > strength] • Electrical LOLP model P[Load > capacity] • Financial fragility model = P[Consumption > Income] • Multivariate: P[g(X, Y) = failure|Eq] where X is stress random vector, Y is strength random vector, and g() is a “structure” function that defines system failure in terms of part failures (or survival) • P[g(X, Y) = failure|Eq] = P[Cut Sets|Eq] and P[Cut Set|Eq] is P[Xj > Yj|Eq] • Multivariate normal or lognormal distributions • X components are dependent, Y components are dependent, and perhaps X and Y are dependent • Seismic risk = E[Cost|Earthquake] = SP[cutsets|Earthquake]*Failure costs[ cutsets|Earthquake]or unconditional earthquake risk SE[Cost|Earthquake]P[Earthquake]

  7. Dependence Comes From… • Common causes or common-mode failures occur among stresses (equal seismic responses) or strengths (equal part “fragilities”) • Why are similar or even redundant parts from same source? Vendor? Manufacturer? Why similar? Co-located? • Why are all auxiliary power generators diesel? From the same manufacturer? On the same fuel? With same maintenance? Co-located? • Options:

  8. Exact, Bounds,Simulation, and Numerical Approximations • Inclusion-exclusion P[cut sets] gives exact probability • Bonferroni, Hunter, and other bounds use first terms of inclusion-exclusion • Slepian’s lemma for multivariate normal with correlation orderings E[XiXj] ≤ E[YiYj] • Simulation and numerical approximation • (z1,z2,…,zk,m,S) has no closed mathematical form, so must evaluate by Monte Carlo (simulation) or multivariate integration [SEISIM] • Admittedly, (z,m,s2’) is computed numerically but accurately and quickly • Bounds, simulations, and numerical approximations have quantifiable error!

  9. Desperations? • P[Cut set] < (1a)P[X > Y]k+aP[X > Y] [NUREG/CR-6268, EPRI (SG), and Karl Fleming and AREVA consultants team] • a is probability of common cause and • < represents approximate upper bound that ignores dependence • a-factor method: P[k-out-of m parts] = ak k-1Cm-1 Qt[NUREG/CR 4780, 6268, and ReliaSoft] • ak = “probability that when a common cause basic event occurs in a common cause group of size m, it involves the failure of k components” • k-1Cm-1= number of combinations of k-1 out of m-1 • Qt = “total probability of each component failing due to all independent and common cause events,” avoids dependence too • These alternatives do not have quantifiable error, and bound on P[Cut set] may exceed 1.0!

  10. Inspirations? • SIMPLE SEISIM: Slepian’s Inequality Minimizes the Probability of Large Errors in SEISIM • SEISIM = Systematic Evaluation of Important Safety Improvement Measures [Sheihet al.] • Slepian’s lemma takes advantage of positive correlations • Co-located-stress-response X-vector and identical-part-fragility Y-vector may have equal random X values and Y values • Positive correlation increases probability of equal values of random variables

  11. Equality Makes Multivariate into Single-Variate Computation • Bivariate:(z1,z2,m,S|Z1=Z2) = constant*(z,m,s’), Z1 and Z2 are identically distributed and equal, correlated or not. (Notice means are the same?) • s’2 = (r+s2)/2 • constant = ((1r)/2), maybe. Still checking • Multivariate: (z1,..,zk,m,S|Z1=…=Zk) = constant*(z,m,s’), when z1,..,zk = z • s’2 = ((k1)r+1)s2/k • Constants depend on |S’| determinant of covariance matrix. Still checking • Trivariate: 6p(rs2)2 • Quadrivariate: -32p3(rs2)3 I don’t know what happens if < 0

  12. Extensions and Enhancements • Copulas Represent Dependence • Multivariate distribution F(z1,z2,…,zk) = C(F1(z1),…,Fk(zk)) where Fj() are marginal distributions and copula function C() captures dependence • Linear relation within X or Y vectors yields similar simplifications, changes variance-covariance s’ • Random affine relation, includes translation, changes mean vector too • E.g., bivariate Z1 = a+bZ2, then (z1,z2,m,S) = constant*(z,m’,s2’) Notice m changes too?

  13. Conclusions • If common causes, common failure modes, and equal random values, replace multivariate numerical integration or simulation with single-variatespreadsheet computations • Preserving dependence • Without approximations or bounds • Estimate joint distributions or copula representations of dependence • Estimate probabilities of equal random responses,common causes, and common failure modes • From field data, sample tests, expert opinions, in that order of preference

  14. Recommendations • Robustify: Why have response dependence? Identical fragilities? • Separate redundant safety systems so they don’t have same responses • Auxiliary power generators don’t have to be in same location, from same manufacturer, on same maintenance, fuel, or even same type: diesel vs. gas turbine vs. hydro vs. ??? • Options [Nicholas Taleb]: Use earthquake ground motion to generate power or store water? Use wind to generate power from tornado? Use heat from fire to power suppression system? Use steam to power reactor coolant (RCIP)? Use expert intuition to deal with confusion? • Contact pstlarry@yahoo.com for help with common-cause probability computations, ideally from data.

  15. References • George, L. L. “SIMPLE SEISIM…” UCRL, Lawrence Livermore National Laboratory, Aug. 4, 1984 • Ibid. “Multivariate Mechanical Reliability” ASQ Reliability Review, 1998 • Ibid. “Probability Problems in Seismic Risk Analysis and Load Combinations for Nuclear Power Plants,” UCRL 86245, LLNL, Sept. 1983 • Hunter, David, “An Upper Bound for the Probability of a Union,” J. Appl. Prob., Vol. 13, No. 3 (Sep., 1976), pp. 597-603 • Mosleh, Ali, Karl Fleming, G. Parry, H. Paula, D. Worledge, and D. Rasmuson, "Procedures for treating common cause failure," Safety and Reliability Studies, NUREG/CR4780 EPRI NP-5613, vol. 1, Jan. 1988 • ReliaSoft, “The Parametric Models for Common Cause Failure Analysis,” Reliability Hotwire, Issue 125, July 2011, http://www.weibull.com/hotwire/issue125/hottopics125.htm • Slepian, D.: The one sided barrier problem for Gaussian noise, Bell. Syst. Tech. J. 41, 463–501 (1962) • Shieh, L. C. et al., “Simplified Seismic Risk Assessment: Procedures and Limitations,” NUREG/CR 4331, July 1985 • Taleb, Nassim Nicholas, Antifragility, Things That Gain From Disorder, Random House, New York, 2012

More Related