Risk-Informed and Performance-Based Regulation

This sounds like exotic science and engineering...underneath it all is unquestionable self interested assumptions and judgements. There is no facts and evidence here. It's pseudoscience built on a house of cards.

The common useage of the nuclear word "safety" is grossly corrupted by the explanation of the below.     

(Neat NRC explanations and definitions)

Risk-Informed and Performance-Based Regulation

The NRC has established its regulatory requirements, in both reactor and materials applications, to ensure that "no undue risk to public health and safety" results from licensed uses of Atomic Energy Act (AEA) materials and facilities.

The objective of these requirements has always been to assure that the probabilities of accidents with the potential for adversely affecting public health and safety are low. For reactors, these probabilities were not quantified in a systematic way until 1975 when the Reactor Safety Study (WASH-1400) was published. For non-reactor activities, the situation is more complex. In some areas, high-level waste disposal and transportation, risk assessment has been in use since the 1970s; in others, such quantification is still evolving. Consequently, most of NRC's regulations were developed without the benefit of quantitative estimates of risk. The perceived benefits of the deterministic and prescriptive regulatory requirements were based mostly on experience, testing programs and expert judgment, considering factors such as engineering margins and the principle of defense-in-depth.

There have been significant advances in and experience with risk assessment methodology since 1975. Thus, the Commission is advocating certain changes to the development and implementation of its regulations through the use of risk-informed, and ultimately performance-based, approaches. The Probabilistic Risk Assessment (PRA) Policy Statement (60 FR 42622, August 16, 1995) formalized the Commission's commitment to risk-informed regulation through the expanded use of PRA. The PRA Policy Statement states, in part, "The use of PRA technology should be increased in all regulatory matters to the extent supported by the state of the art in PRA methods and data, and in a manner that complements the NRC's deterministic approach and supports the NRC's traditional defense-in-depth philosophy."

The transition to a risk-informed regulatory framework is expected to be incremental. Many of the present regulations are based on deterministic and prescriptive requirements that cannot be quickly replaced. Therefore, the current requirements will have to be maintained while risk-informed and/or performance-based regulations are being developed and implemented.

To understand and apply the commitment expressed in the PRA Policy Statement, it is important that the NRC, the regulated community, and the public at large have a common understanding of the terms and concepts involved; an awareness of how these concepts (in both reactor and materials arenas) are to be applied to NRC rulemaking, licensing, inspection, assessment, enforcement, and other decision-making; and an appreciation of the transitional period in which the agency and industry currently operate

1. Risk and Risk Assessment: This paper defines risk in terms that can be applied to the entire range of activities involving NRC licensed use of AEA materials. The risk definition takes the view that when one asks, "What is the risk?" one is really asking three questions: "What can go wrong?" "How likely is it?" and "What are the consequences?" These three questions can be referred to as the "risk triplet." The traditional definition of risk, that is, probability times consequences, is fully embraced by the "triplet" definition of risk.
 The first question, "What can go wrong?" is usually answered in the form of a "scenario" (a combination of events and/or conditions that could occur) or a set of scenarios. The second question, "How likely is it?" can be answered in terms of the available evidence and the processing of that evidence to quantify the probability and the uncertainties involved. In some situations, data may exist on the frequency of a particular type of occurrence or failure mode (e.g., accidental overexposures). In other situations, there may be little or no data (e.g., core damage in a reactor) and a predictive approach for analyzing probability and uncertainty will be required. The third question, "What are the consequences?" can be answered for each scenario by assessing the probable range of outcomes (e.g., dose to the public) given the uncertainties. The outcomes or consequences are the "end states" of the analyses. The choice of consequence measures can be whatever seems appropriate for reasonable decision-making in a particular regulated activity and could involve combinations of end states. A risk assessment is a systematic method for addressing the risk triplet as it relates to the performance of a particular system (which may include a human component) to understand likely outcomes, sensitivities, areas of importance, system interactions and areas of uncertainty. From this assessment the important scenarios can be identified.

2. Deterministic and Probabilistic Analyses: All safety regulation ultimately is concerned with risk and addresses the three questions discussed in item 1 above. In practice, NRC addresses these three questions through the body of regulations, guidance, and license conditions that it uses to regulate the many activities under its jurisdiction. The current body of regulations, guidance and license conditions is based largely on deterministic analyses and is implemented by prescriptive requirements. As described in the PRA Policy Statement, the deterministic approach to regulation establishes requirements for engineering margin and for quality assurance in design, manufacture, and construction. In addition, it assumes that adverse conditions can exist and establishes a specific set of design basis events (i.e., what can go wrong?). The deterministic approach involves implied, but unquantified, elements of probability in the selection of the specific accidents to be analyzed as design basis events. It then requires that the design include safety systems capable of preventing and/or mitigating the consequences (i.e., what are the consequences?) of those design basis events in order to protect public health and safety. Thus, a deterministic analysis explicitly addresses only two questions of the risk triplet. In addition, traditional regulatory analyses do not integrate results in a comprehensive manner to assess the overall safety impact of postulated initiating events.
 PRA and other risk assessment methods (also described in the PRA Policy Statement) consider risk (i.e., all three questions) in a more coherent, explicit, and quantitative manner. Risk assessment methodology examines systems and their interactions in an integrated, comprehensive manner. Probabilistic analysis explicitly addressesa broad spectrum of initiating events and their event frequency. It then analyzes the consequences of those event scenarios and weights the consequences by the frequency, thus giving a measure of risk. Since risk assessment methods were first used to gain a better understanding of the risk associated with some of the activities and facilities that the NRC regulates, substantial event data and increased sophistication and experience in the use of certain risk assessment methods (e.g., Probabilistic Risk Assessment (PRA), IntegratedSafety Assessment (ISA), and Performance Assessment (PA)) have been acquired. Accordingly, there is now the opportunity to enhance the traditional approach by more explicitly addressing risk and incorporating the insights thus gained. While the traditional deterministic approach to regulation has been successful in ensuring no undue risk to public health and safety in the use of nuclear materials, opportunities for improvement exist. Given the broad spectrum of equipment and activities covered, the regulations can be strengthened and resources can be allocated to ensure that they are focused on the most risk-significant equipment and activities, and to ensure a consistent and coherent framework for regulatory decision-making. The different "risk-informed" and/or "performance-based" approaches to regulation described below, if properly applied singly or in combination, would provide such a framework. 3. "Risk Insights": The term "risk insights," as used here, refers to the results and findings that come from risk assessments. The end results of such assessments may relate directly to public health effects as in the Commission's Safety Goals for the Operation of Nuclear Power Plants. For specific applications the results and
findings may take other forms. For example, for reactors these include such things as identification of dominant accident sequences, estimates of core damage frequency (CDF)(1) and large early release frequency (LERF)(2), and importance measures of structures, systems, and components. On the other hand, in other areas of NRC
regulation, findings and results include risk curves(3) for disposal facilities for radioactive wastes, frequency of and costs associated with accidental smelting of sealed sources at steel mills, frequency of occupational exposures, predicted dose from decommissioned sites and many others. Risk insights have already been incorporated successfully into numerous regulatory activities, and have proven to be a valuable complement to traditional deterministic approaches. Given the current maturity of some risk
assessment methodologies and the current body of event data, risk insights can be incorporated more explicitly into the regulatory process in a manner that will improve both the efficiency and effectiveness of current regulatory requirements. 4. "Risk-Based Approach": Regulatory decision-making is required in both the development of regulations and guidance and the determination of compliance with those regulations and guidance. A "risk-based" approach to regulatory decision-making is one in which such decision-making is solely based on the numerical results of a risk assessment. This places heavier reliance on risk assessment results than is currently practicable for reactors due to uncertainties in PRA such as completeness. Note that the Commission does not endorse an approach that is "risk-based"; however, this does not invalidate the use of probabilistic calculations to demonstrate compliance with certain criteria, such as dose limits.
 5. "Risk-Informed Approach": A "risk-informed" approach to regulatory decision making represents a philosophy whereby risk insights are considered together with other factors to establish requirements that better focus licensee and regulatory attention on design and operational issues commensurate with their importance to public health and safety. A "risk-informed" approach enhances the deterministic approach by: (a) allowing explicit consideration of a broader set of potential challenges to safety, (b) providing a logical means for prioritizing these challenges based on risk significance, operating experience, and/or engineering judgment, (c) facilitating consideration of a broader set of resources to defend against these challenges, (d) explicitly identifying and quantifying sources of uncertainty in the analysis (although such analyses do not necessarily reflect all important sources of uncertainty), and (e) leading to better decision-making by providing a means to test the sensitivity of the results to key assumptions. Where appropriate, a risk-informed regulatory approach can also be used to reduce unnecessary conservatism in purely deterministic approaches, or can be used to identify areas with insufficient conservatism in deterministic analyses and provide the bases for additional requirements or regulatory actions. "Risk-informed" approaches lie between the "risk-based" and purely deterministic approaches. The details of the regulatory issue under consideration will determine where the risk-informed decision falls within the spectrum.
 6. "Risk-Informed Approach and Defense-in-Depth": The concept of defense-in depth(4) has always been and will continue to be a fundamental tenet of regulatory practice in the nuclear field, particularly regarding nuclear facilities. Risk insights can make the elements of defense-in-depth more clear by quantifying them to the extent practicable. Although the uncertainties associated with the importance of some elements of defense may be substantial, the fact that these elements and uncertainties have been quantified can aid in determining how much defense makes regulatory sense. Decisions on the adequacy of or the necessity for elements of defense should reflect risk insights gained through identification of the individual performance of each defense system in relation to overall performance.
 7. "Performance-Based Approach": A regulation can be either prescriptive or performance-based. A prescriptive requirement specifies particular features, actions, or programmatic elements to be included in the design or process, as the means for achieving a desired objective. A performance-based requirement relies upon measurable (or calculable) outcomes (i.e., performance results) to be met, but provides more flexibility to the licensee as to the means of meeting those outcomes. A performance-based regulatory approach is one that establishes performance and results as the primary basis for regulatory decision-making, and incorporates the following attributes: (1) measurable (or calculable) parameters (i.e., direct measurement of the physical parameter of interest or of related parameters that can be used to calculate the parameter of interest) exist to monitor system, including facility and licensee, performance, (2) objective criteria to assess performance are established based on risk insights, deterministic analyses and/or performance history, (3) licensees have flexibility to determine how to meet the established performance criteria in ways that will encourage and reward improved outcomes; and (4) a framework exists in which the failure to meet a performance criterion, while undesirable, will not in and of itself constitute or result in an immediate safety concern. The measurable (or calculable) parameters may be included in the regulation itself or in formal license conditions, including reference to regulatory guidance adopted by the licensee. This regulatory approach is not new to the NRC. For instance, the Commission previously has approved performance-based approaches in 10 CFR Parts 20, 50 (Option B, Appendix J and the Maintenance Rule,10 CFR50.65), 60, and 61. In particular, the Commission weighed the relative merits of prescriptive and performance-based regulatory approaches in issuing 10 CFR Part 60.
 

A performance-based approach can be implemented without the use of risk insights. Such an approach would require that objective performance criteria be based on deterministic safety analysis and performance history. This approach would still provide flexibility to the licensee in determining how to meet the performance criteria.Establishing objective performance criteria for performance monitoring may not be feasible for some applications and, in such cases, a performance-based approach would not be feasible.
 As applied to inspection, a performance-based approach tends to emphasize results (e.g., can the pump perform its intended function?) over process and method (e.g., was the maintenance technician trained?). Note that a performance-based approach to inspection does not supplant or displace the need for compliance with NRC requirements, nor does it displace the need for enforcement action, as appropriate, when non-compliance occurs. (5)As applied to licensee assessment, a performance-based approach focuses on a licensee's actual performance results (i.e., desired outcomes), rather than on products (i.e., outputs). In the broadest sense, the desired outcome of a performance-based approach to regulatory oversight will be to focus more attention and NRC resources on those licensees whose performance is declining or less than satisfactory. 8. "Risk-Informed, Performance-Based Approach": A risk-informed, performance-based approach to regulatory decision-making combines the "risk-informed" and "performance-based" elements discussed in Items 5 and 7, above, and applies these concepts to NRC rulemaking, licensing, inspection, assessment, enforcement, and other decision-making. Stated succinctly, a risk-informed, performance-based regulation is an approach in which risk insights, engineering analysis and judgment including the principle of defense-in-depth and the incorporation of safety margins, and performance history are used, to (1) focus attention on the most important activities, (2) establish objective criteria for evaluating performance, (3) develop measurable or calculable parameters for monitoring system and licensee performance, (4) provide flexibility to determine how to meet the established performance criteria in a way that will encourage and reward improved outcomes, and (5) focus on the results as the primary basis for regulatory decision-making.
 

The definitions and concepts in this paper have proven suitable for application to nuclear power plants and certain nonreactor activities (e.g., PA of geologic repositories). While different in detail, these activities are similar in terms of system complexity and the application of probabilistic methods to the determination of safety. In simpler situations, the concepts and definitions should prove equally suitable provided that NRC adopts a flexible framework for the implementation of risk-informed, and ultimately performance-based, regulation across the full spectrum of the materials, processes, and facilities regulated by the NRC.

1. CDF is the frequency of the combinations of initiating events, hardware failures, and human errors leading to core uncovery with reflooding of the core not imminent.

2. LERF is the frequency of those accidents leading to significant, unmitigated releases from containment in a timeframe prior to effective evacuation of the close-in population such that there is a potential for early health effects.

3. Risk curves (also known as Complementary Cumulative Distribution Functions (CCDFs) or Farmer curves) are estimates of the probability that a given consequence will be exceeded.

4. Defense-in-depth is an element of the NRC's Safety Philosophy that employs successive compensatory measures to prevent accidents or mitigate damage if a malfunction, accident, or naturally caused event occurs at a nuclear facility. The defense-in-depth philosophy ensures that safety will not be wholly dependent on any single element of the design, construction, maintenance, or operation of a nuclear facility. The net effect of incorporating defense-in-depth into design, construction, maintenance, and operation is that the facility or system in question tends to be more tolerant of failures and external challenges.

5. Not every aspect of licensed activities can or should be inspected using this approach. For example, if a licensee is unsuccessful in meeting the criteria defined by a performance-based regulation, the inspector should then focus on the licensee's process and method, to understand the root cause of the breakdown in performance, and to understand how future poor performance may be avoided.