#### Abstract

The test and maintenance activities are conducted in the nuclear power plants in order to prevent or limit failures resulting from the ageing or deterioration. The components and systems are partially or fully unavailable during the maintenance activities. This is especially important for the safety systems and corresponding equipment because they are important contributors to the overall nuclear power plant safety. A novel method for optimization of the maintenance activities in the nuclear power plant considering the plant safety is developed and presented. The objective function of the optimization is the mean value of the selected risk measure. The risk measure is assessed from the minimal cut sets identified in the Probabilistic Safety Assessment. The optimal solution of the objective function is estimated with genetic algorithm. The proposed method is applied on probabilistic safety analysis model of the selected safety system of the reference nuclear power plant. Obtained results show that optimization of maintenance decreases the risk and thus improves the plant safety. The implications of the consideration of different constraints on the obtained results are investigated and presented. The future prospects for the optimization of the maintenance activities in the nuclear power plants with the presented method are discussed.

#### 1. Introduction

Nuclear power plant (NPP) comprises multiple components and systems, which are maintained in order to limit or prevent failures resulting from the ageing or deterioration. The test and maintenance activities of safety systems components are especially important considering their dominant, but not exclusive, contribution to the NPP safety.

The test and maintenance activities of the NPP safety systems are conducted in order to verify and improve their availability. During test and maintenance, these safety systems are partially or fully unavailable. In order to ensure availability and the operability of the safety systems and the safety of the corresponding plant, the surveillance requirements (SR) together with the limiting conditions for operation (LCO) are included within technical specifications (TS) of the NPP [1]. The SR define the periodic surveillance tests including the type of surveillance test, test strategy, and frequency.

The optimization of the maintenance activates in the NPP considers single or multiple objective functions including the risk of the NPP and the maintenance cost reduction. Constraints considered in the maintenance optimization include different limitations: safety, allowable risk increase and unavailability of the safety systems; technical, overlapping of the maintenance activities, functional dependency between systems, and components in correlation to the SR; and operational, availability of the maintenance crew and time constraints considering finalization of the maintenance.

The objective of this paper is development and application of the new method for optimization of the maintenance activates in the nuclear power plant. The method applies exact, nonsimplified probability models for the components unavailability. The developed method considers operational constraints foreseen in real NPP. The developed method utilizes results obtained from Probabilistic Safety Assessment (PSA) for the assessment of the plant safety and optimization function. Optimization is done with genetic algorithm (GA), a heuristic optimization algorithm. The optimized parameters are test placement times of the components which go under maintenance.

The obtained results from the application of the developed method on test safety system of the reference nuclear power plant are presented. Implications of consideration of different constraints are investigated and obtained results are presented.

##### 1.1. State of the Art

Substantial research has been performed considering the maintenance scheduling (MS) problem. Most of the NPP MS optimization methods integrate the PSA optimization techniques with the optimization algorithms [1, 2].

The optimization of technical specification requirements and maintenance considering effectiveness and efficiency of common strategies has been proposed [3]. A simulation algorithm based on Monte Carlo method and a directed Acyclic Graph has been developed and applied for maintenance optimization [4]. The Reliability Centered Maintenance approach has been proposed for establishing the maintenance programs in the NPP [5–7].

The meta heuristic optimization algorithms are applied for solving MS optimization problem, including evolutionary algorithms [8–10], genetic algorithm [11–14], tabu search [15], simulated annealing [16], and ant colony [17]. The Particle Swarm Optimization (PSO) and the Differential Evolution Algorithm (DE) are modern meta heuristics evolutionary algorithms, which are applied for solving different optimization problems [18–22].

The method for MS optimization of the safety systems components is developed and optimized applying four different heuristic optimization algorithms. Obtained results from the optimization algorithms are analyzed and compared.

#### 2. Method Description

The fundamentals of PSA are described in Section 2.1. The modeling of the components and systems and definition of the optimization function are presented in Sections 2.2 and 2.3, respectively. The introduction of the constraints in the optimization function is presented in Section 2.4.

##### 2.1. Probabilistic Safety Assessment Fundamentals

Probabilistic Safety Assessment is a systematic probabilistic methodology for assessment of reliability and safety of the complex systems including NPP [23]. The event tree and the fault tree (FT) are two basic methods used in the PSA.

Event tree analysis is an inductive technique, which organizes and characterizes potential accidents in a methodological manner [24]. Fault tree analysis is the deductive modeling tool used in PSA to identify and assess the combinations of the undesired events in the context of the system operation and its environment that can lead to the undesired state of the system [25, 26]. The undesired state of the system is represented by a top event. The FT is based on Boolean algebraic and probabilistic basis that relates probability calculations to Boolean logic functions. The logical gates integrate the primary events to the top event, which corresponds to the undesired state of the system. The primary events are the events, which are not further developed, for example, the basic events and the house events. The basic events are the ultimate parts of the FT, which represent the undesired events, for example, the component or system failures.

Two types of results are obtained from the fault tree and event tree analysis. The qualitative results include the minimal cut sets (MCS) which are the combinations of components failures causing system failure. The quantitative results include the numerical probabilities of the NPP systems failures, cut sets probabilities, and overall core damage frequency (CDF). The CDF is a measure of risk and thus safety of the corresponding NPP.

The quantitative fault tree analysis represents a calculation of the top event probability: simplified and approximated (using rare event approximation) as where is top event probability of fault tree, is probability of the minimal cut set , and is number of identified minimal cut sets.

Probability of each minimal cut set is calculated using the relation of simultaneous occurrence of independent events: where is probability of the basic event describing failure of the component (i.e., failure probability of component ) and is number of basic events in minimal cut set .

In (3), the basic events are assumed to be mutually independent with common cause failures (CCF) modeled as separate basic events.

The accident sequences in the respective event tree are expressed as where is frequency of accident sequence and is the initiating event frequency.

The respective accident sequences frequencies, which end with the same plant damage state, are combined together into the plant damage state frequencies: where is frequency of the accident state, is frequency of the th accident sequence in th event tree (not necessarily mutually exclusive), is number of event trees, and is number of accident states in the event tree.

The accident frequency combines together the plant damage state frequencies: where is accident frequency (e.g., CDF), is the frequency of th accident state, and is number of accident states.

The prerequisite for the MS optimization is the time dependent probabilistic model for the components going under maintenance, presented in the following Section.

##### 2.2. Probabilistic Modeling of Components

There are number of probabilistic models for components with either constant in time or time dependent failure rates, such as probability per demand model and constant failure rate model [1, 27]. Input data to the component probabilistic model include a number of parameters such as failure rate, repair time, test interval, test duration, and test placement time. The time dependent probabilistic model for the periodically tested standby component is selected in the method: where is time dependent failure probability of the component , is ailure rate of the component , is probability of failure per demand of the component , is test placement time of the component , is test duration time of the component , is test interval of the component , is number of previous tests of the component , and MOD is function, dividing reminder.

The following assumptions are made in the component probabilistic model.(i)A repair is assumed to occur directly after a test if the component is failed at the test.(ii)The repair duration is assumed to be negligible compared to the test duration time TT.(iii)The ageing of the components is not considered, taking constant failure rate for all components.

Figure 1 shows the time dependent failure probability of the component given by (7). The -axis shows the elapsed time and -axis the system unavailability. The test placement time , test duration time and dividing reminder MOD are marked on -axis on Figure 1.

##### 2.3. Mean System Unavailability and Optimization Function

With the introduction of the time dependent model of components, given by (7) in (3), the time dependent top event probability is calculated by (1) or (2). The mean value of the system unavailability, calculated from the top event probability of the corresponding FT, is given as where is mean system unavailability (top event probability), is time dependent system unavailability, is the considered time interval, and is time dependent component failure probability.

Discrete variant of (8) over small time intervals is

Substituting top event probability with (2) and MCS probability with (3), the final relation for mean system unavailability is obtained:

The time interval in (10) should be selected in such way that maintenance of all components are considered in the calculation of the mean system unavailability. The time interval is assessed as where is index of component with largest (latest) test placement.

For all components going under maintenance, the time when maintenance is finished is calculated as sum of test placement and test duration time. The time interval is defined by (11) to be equal to the time when maintenance of the last component going under maintenance is finished. The time interval defined with (11) assures that maintenance of all components will be considered in the calculation of the mean system unavailability.

The mean system unavailability given by (10) represents the optimization function, with test placement times as a optimization variables.

Considering the assumptions in the component probabilistic model given in Section 2.2, only the unavailability of the components which go under the maintenance will change with time. This results in change of the MCS probability only containing these components. Therefore, the calculation of the mean system unavailability given by (10) can be simplified as where is optimization function, is mean system unavailability from the selected number of the MCS, and is number of the MCS that contain BE of components that go under maintenance.

For real NPP, it is anticipated that number of components going under maintenance will be smaller than number of all components considered in the system FT. Consequently, the application of (12) will decrease the complexity of the analysed problem and increasing the speed of the calculations.

The optimization function given with (12) is minimized with application of the GA heuristic optimization algorithm.

##### 2.4. Constraints Introduction

The involved constraints can be introduced in the optimization function by applying penalty functions: where is penalized optimization function and penalty is penalty function.

Penalty function penalty_{1} concerning the limiting value of the top event probability corresponding to the allowed threshold system unavailability in each time point is defined as
where penalty_{1} is penalty function for the limiting value of the top event probability constraint and is maximum allowed system unavailability. The value of is considered in the optimization algorithm.

Additional operating and planning constraints can be considered and implemented into the algorithm with the penalization of the optimization function. Those constraints include maintenance completion constraints and precedence constraints. With maintenance completion constraint, the test interval in which maintenance of the specific set of components is expected to be finished can be considered. With precedence constraint the maintenance sequence of the components that go under maintenance can be included in the maintenance optimization.

A special type of maintenance completion constraint is requisite components of given system or type, grouped in given set, to be maintained in common outage time interval. With introduction of this constraint the difference between test placement times of the components from the given set is minimized. Practical application of this constraint will be grouping in same time slot the maintenance activities of components that are from common system, type or are in same area of the NPP. This constraint is applied in the developed method with assessment of the sum of the differences of the test placement times between components in the given set and corresponding penalization of the optimization function. Penalty function penalty_{2} for this constraint is calculated as
where penalty_{2} is penalty function for the test placement times of the components from the given set constraint, is the sum of the differences of the test placement times of the components within set, is the number of the components in the set, and is user defined weighting coefficient.

The time interval when maintenance of all components is finished can be also considered in the optimization function. The penalty function penalty_{3} for this constraint is defined as
where penalty_{3} is penalty function for the time interval when maintenance of all components is finished constraint, is the time interval of the solution in the optimization algorithm, and is user defined weighting coefficient.

The overall penalty function in (13) is calculated as sum of the penalties of all constraints:

#### 3. Optimization Algorithm

The optimal test placements times minimizing the optimization function given by (12) and (13) are obtained applying genetic algorithm (GA), heuristic optimization algorithm.

The genetic algorithm is a search algorithm that is based on the concepts of natural selection and genetic inheritance. It searches an optimal solution by manipulating a population of strings (chromosomes) that represent different potential solutions, each corresponding to a sample point from the search space [14]. For each generation, all the populations are evaluated based on their fitness. An individual with a larger fitness has a higher chance of evolving into the next generation. The GA reduces the possibility of trapping into a local minimum by searching many peaks simultaneously. The coding of parameters helps the genetic operator to evolve the current state into the next state with minimum computations. GA evaluates the fitness of each string to guide its search instead of the explicit optimization function. There is no need for computations of derivatives or other auxiliary knowledge. The GA explores the search space where the probability of finding improved performance is high.

One of the most important elements of the heuristic optimization algorithms is the random number generator. The random number generator is essential for the heuristic selection within algorithm and generation of the initial population of solutions. The random number generator *ran2* is applied for generation of the initial population and heuristic selection [28]. The random number generator *ran2* returns a uniform random deviate between zero and one (exclusive of the endpoint values).

The verification and performance testing of the GA heuristic optimization algorithm is examined on the generalized Rastrigin’s function. The Rastrigin’s function is highly multimodal function with many local minima and one known global one, defined as where is number of variables (order) considered in the function and is function parameter, selected by the user.

The global optimum of the Rastrigin’s function, given by (18), is at . Value of is selected for the analysis. The analysis is done for and with the obtained results given in Table 1.

In the second row in Table 1 is the value of the Rastrigin’s function calculated with (18) and variables obtained from optimization algorithm. Third row contains sum of the relative errors for all parameters in percentiles while last row contains optimization algorithm calculation time given in seconds.

The default control parameters of the GA optimization algorithm are used in the analysis [29]. Results in Table 1 verify the GA optimization algorithms performance considering the assessment of the optimal solution of complex optimization function.

#### 4. Test System Description

The Auxiliary Feedwater System (AFW), with simplified diagram given on Figure 2, and corresponding fault tree is used for the application of the developed method [30, 31].

The AFW system provides feedwater to the steam generators (SG) to remove core heat from the primary system after reactor trip. The AFW is a frontline safety system. The analyzed AFW system, as shown on Figure 2, has three trains, two with electric motor driven pumps, MDPFW3B, and MDPFW3A and one turbine driven pump TDPFW2. All connections to the AFW system of the second unit at the site [30, 31] were removed from the original model. Basic event AFW-CCF-LK-STMBD representing event of undetected leakage through check valves CV27, CV58, and CV89 was also removed from the model.

Pumps draws suction from the condensate storage tank CST2 through CST1. Each AFW pump discharges to two parallel headers, Header A and Header B. Each of these headers can provide auxiliary feedwater flow to any or all of the three steam generators.

Figure 3 shows the part of the fault tree constructed for the AFW system, with top event corresponding to the failure to provide sufficient flow to at least one of three SG from at least one AFW pump.

The reference models and parameters for the basic events are used in the analysis [30]. The AFW system fault tree contains 103 basic events. In the qualitative fault tree analysis of the AFW system fault tree given on Figure 3, the 2488 minimal cut sets are identified. Table 2 shows first ten cut sets, ordered by their contribution to the top event probability.

First column in Table 2 contains number of the MCS with mean probability given in second column and share, in percentiles, to the top event probability in third column. The basic events of the minimal cut set are given in the following columns. The last row contains top event probability of the fault tree corresponding to the mean AFW system unavailability .

The quantitative PSA results include importance measures for the BE including Fussell-Vesely (FV) importance measure, Risk Reduction Worth (RRW), and Risk Achievement Worth (RAW). Table 3 shows the first ten basic events ordered by their Fussell-Vesely (FV) importance measure and six additional basic events representing components that will be considered to go under maintenance in the analysis.

The first column in Table 3 contains rank of the basic event considering FV importance measure. Basic event name and description are given in second and third column. The mean unavailability of the basic event is given in fourth column. The obtained FV is given in fifth column while RRW and RAW are given in the following two columns.

##### 4.1. Case Scenario Description

Two case scenarios are developed and analyzed with the developed method.

First case scenario has two basic events on maintenance, given in Table 4. Second column in Table 4 contains basic event that go under maintenance. The failure rate , test duration time and test interval are given in third, fourth and fifth column, respectively, and are assumed for this study. Basic events in Table 4 correspond to the failure of the turbine drive pump TDPFW2 and motor driven pump MDPFW3A to run for six hours.

The second case scenario includes ten basic events with parameters given in Table 5. Both components constituting case scenario 1 are included with same parameters in case scenario 2. The components in the second case scenario are grouped into three sets, depending on the type of components. Set 1 includes pumps of the AFW system represented with basic events 1–3, Set 2 includes check valves after the pumps given by basic events 4–6, while Set 3 includes basic events 7–10 representing the alternate (AC) and direct (DC) current buses of the emergency power supply system. The failure rate , test duration time and test interval are also assumed for this study.

The optimization of the case scenario 1 and case scenario 2 was done with the consideration of the constraint on the limiting value of the top event probability.

Case scenario 2 was analysed without and with consideration of the maintenance finalization constraints concerning grouping of the components from given set and time interval , when maintenance activities on all components are finished.

#### 5. Results

The obtained results from the application of the developed method presented in Section 2 on the test system given in Section 4 are presented here.

The test placement times obtained from optimization algorithms for case scenario 1 are given in Table 6. The obtained test placement time for first and second basic event are given in second and third row of Table 6. Fourth and fifth row of Table 6 present the obtained time interval and minimal mean system unavailability .

The system unavailability over time for the test placement times given in Table 6 is shown on Figure 4. The -axis on Figure 4 shows the elapsed time in hours while -axis shows the system unavailability. The mean system unavailability is marked with red line, the time interval with green line while the test placement times of both basic events with black dashed lines on Figure 4.

Figure 4 shows that the system unavailability never exceeds value of . The time interval was not considered in the optimization function resulting in large value that is comparable to the test interval of the components going under maintenance.

Obtained results for case scenario 2, without consideration of the maintenance finalization constraints, are given in Table 7 and Figure 5. Value of the , the sum of the differences of the test placement times of the components within the set, is included in Table 7.

Two main differences are identified in comparison to the results obtained for the case scenario 1. First difference is the increase of the mean system unavailability . This is expected considering the increased number of components going under the maintenance. The second difference is decrease of the time interval to the shortest test interval of the components going under the maintenance. This result is obtained because the optimization function is not penalized for the difference between the test placement and test interval of a given component as long as the test placement is smaller than the test interval.

Obtained results for case scenario 2 with consideration of the are given in Table 8 and Figure 6. The introduction of the in the optimization function results in decrease of the difference of test placement times of the components from the given set. Small increase of the mean system unavailability is obtained with the introduction of this constraint. Table 8 shows that decreased four times compared to the in Table 7. Figure 6 show that optimization algorithm clustered maintenance of the components from the given set, with Set 1 components going first under maintenance followed by Set 3 and Set 2. Figure 6 show that system unavailability over time never exceeds .

Results obtained for case scenario 2 with consideration of the time interval in addition to the constraints for and are given in Table 9 and Figure 7. Comparison of the time interval in Table 9 and Table 8 shows that the introduction of this constraint results in decrease of the time interval for 462 hours. Small decrease of the mean system unavailability and increase of the are identified in Table 9.

Obtained results show that the developed method successfully optimized test placement times of the components going under the maintenance. The results of the case scenarios with constraints show that the developed method effectively considered imposed constraints in the maintenance schedule optimization and the obtained results.

#### 6. Discussion

The surveillance requirements (SR), as stated in Section 1, define the periodic surveillance tests of the safety equipment in NPP and are included within technical specifications (TS). The main purpose of this inclusion is to assure availability and operability of the NPP safety equipment during all modes of operation of the NPP.

The test intervals of the components of the safety systems in the NPP are predefined integers and for most safety systems they are equal to the refueling outage intervals of a given plant. The online maintenance of the NPP components is conducted periodically in compliance with the TS and current regulations [32, 33]. Considering the risk-informed policy [33] and expected increase of the number of NPP components going under online maintenance, the application of the developed method for MS optimization of these components is anticipated.

The optimization in the example is done on a single safety system in the NPP, with no consideration of the maintenance of other safety systems in the NPP, their mutual interdependence and implication on overall plant risk. In the real NPP the maintenance of the components in multiple systems in the plant can result in substantial increase of the overall plant risk, even when maintenance on level of single system is optimal. During the refueling outage the optimization of the maintenance activities on system level is necessary in order to limit the instantaneous or cumulative risk increase bellow the prescribed limits. With the consideration of the plant damage state frequencies given by (6) as optimization function the developed method can be extended on the plant level.

The developed method can be upgraded with consideration of the components ageing and substitution of the constant failure rate in (7) with time depended failure rate function [34].

In the presented method only first test placement of a component is assessed. All following tests of the components are done in constant times. Further extension of the method will be to assess the following test placements of the component. Additional extension will be consideration of the wear-out of the components due to the testing in the optimization function, for example, in case of emergency diesel generators. The time dependent component model given with (7) can be simplified with the linearization of the exponential terms in the equations for small failure rates that is case for the components of the safety systems in the NPP. This approximation will decrease the complexity of the model with small implication on the obtained results. The obtained results can be additionally improved with analytical generation of the initial population in optimization algorithm.

The developed method is applicable for optimization of the MS of other complex system where reliability and safety are important and already have PSA models.

#### 7. Conclusions

Method for maintenance scheduling optimization of safety system components of the nuclear power plant is developed and presented. The developed method optimizes test placement times of the components going under maintenance considering the selected risk measure calculated from the results of the Probabilistic Safety Assessment. Constraints on system unavailability and test placement times are included in the optimization function. The optimal solution of the objective function is assessed with genetic algorithm.

The main advantages of the developed method are application of the time dependent probabilistic model for the periodically tested standby component in the assessment of the component unavailability and introduction of the maintenance completion constraint in the optimization function. The developed method can be extended with the consideration of the additional operating and planning constraints in the optimization function.

Obtained results from the application of the developed method on the test system confirm the effective optimization of the maintenance scheduling with consideration of the imposed maintenance completion constraints. The introduction of the constraint on the test placement times of the components within the set results in successful grouping of the maintenance activities of the components in the set. Decrease of the time interval is obtained with the consideration of this parameter in the optimization function. Small increase of the mean system unavailability is obtained with the consideration of the constraints in the optimization function.

The upgrade of the presented method with consideration of the components ageing, systems interdependencies and consideration of additional constraints are discussed. With the application of the risk-informed policy and consequential increase of number of the components which will go under online maintenance the importance of the maintenance scheduling optimization is going to increase. Developed method is applicable for both online maintenance optimization as well as optimization during the refueling outages.

#### Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

#### Acknowledgments

This research was partly supported by the Slovenian Research Agency (research program P2-0026) and partly by the European Atomic Energy Community’s (Euratom) Seventh Framework Programme FP7/2007-2011 under Grant agreement no. 605001.