Validation of the Open PSA Model Exchange Format

Download as PDF

Validation Project for the Open-PSA Model Exchange using RiskSpectrum® and CAFTA®

Steven Epstein [ref]ABS Consulting, Yokohama, Japan[/ref], F. Mark Reinhart [ref]Vienna, Austria[/ref], and Antoine Rauzy [ref]Dassault Systemes, Paris, France[/ref]

Abstract: Under the sponsorship of the Institut pour la Maîtrise des Risques (IMdR), and supported financially and technically by more than ten European and US organizations (see section 4), this validation project has been successfully completed with both RiskSpectrum®, from Relcon
Scandpower and CAFTA®, from EPRI.
Keywords: PRA, Nano Structures, Dynamic PSA, list no more than 4 keyword phrases


Over the last 5 years, much work has been done which shows the interest and the necessity to improve both models and assessment tools in Probabilistic Safety Analyses (PSA). The following issues are of special importance.

  • Quality insurance of calculations;
  • Reliance of approximations and cutoffs;
  • Portability of models between different software;
  • Clarity and documentation of the models;
  • Completeness of the models;
  • Better visualization of PSA results;
  • Interoperability of the different tools.

1.1. The Open-PSA Initiative

The Open-PSA Initiative for a new generation of Probabilistic Safety Analyses was launched during spring 2007. This initiative aims to provide the community with an open forum of discussion and exchange. It has the ambition to help the design of new methods and new tools, bringing to the international PSA community the benefits of an open initiative, and to bring together the different groups who engage in large scale PSA, in a non-competitive and commonly shared organization.

Stimulated by ongoing international interest to improve Probabilistic Safety Analyses (PSA) as well as by improvements in computer algorithms, the Open PSA Initiative was initiated in early 2007. Since its inception, the Open PSA Initiative has involved numerous discussions among international interests and has held a series of ten meetings in Austria, France (3), Japan, Spain, Sweden, Switzerland, and the United States (2).

Interest has been demonstrated by participation by representatives from the
following nations: Belgium, the Czech Republic, Estonia, Finland, France, Germany, Greece, Hungary, Italy, Japan, Lithuania, The Netherlands, Russia, Slovenia, Spain, Sweden, Switzerland, United States, the European Union, and the IAEA. In addition, a presentation to the U.S. NRC Advisory Committee on Reactor Safeguards, PRA Subcommittee was well received.

1.2. The Open-PSA Model Exchange Format

The very first objective of the Open-PSA initiative is the design of a Model Exchange Format for Probabilistic Safety Analyses. This format will make it possible to represent Fault Tree/Event Tree models. It will be complete and expressive enough to embed all existing models and open enough to provide room for future needs. It may be the kernel of an open architecture for the next generation of Probabilistic Safety Assessment tools.

The design of such a format is clearly a mandatory step to be able to tackle the issues mentioned above.

Under the sponsorship of the Institut pour la Maîtrise des Risques (IMdR), and supported financially and technically by more than ten European and US organizations (see section 4), this validation project has been successfully completed with both RiskSpectrum®, from Relcon Scandpower and CAFTA®, from EPRI.


Until the Open-PSA initiative work on this subject, no common Model Exchange Formats were available for PSA. Several formats were available for Fault Trees (e.g. the SETS format), but nothing regarding the following constructs:

  • Probability distributions of basic events;
  • Extra logical constructs such as common cause groups, delete terms, recovery rules, exchange events…
  • Event Trees;
  • Results of computations.

A first version of the Open-PSA Model Exchange Format (OPSA-MEF) has been available since December of 2008. It covers all the above issues. It remained, however, to instantiate it in software, to link the software with [it and] to check it against a large, Level 1 PSA, and possibly to adjust the OPSAMEF accordingly.

Goals of the Open PSA Initiative include the following:

  • PSA models need the following capabilities:
    • Be as complete as is reasonably and progressively achievable.
    • Have well founded and documented bases for approximations and cut-offs.
    • Assure the optimum definition and timing for truncation to assure, among other aspects, consistent and correct importance calculations.
    • Account for event tree success path contributions.
    • Account for human actions reliability and recovery.
    • Support dynamic (real time) analyses, directly or through interfacing “risk monitor” software.
    • Provide enhanced results visualization, a common user interface, and support for current and anticipated Risk-Informed Decision Making (RIDM) applications.
    • Be clear, understandable, traceable, transparent, and well documented.
    • Assure benchmarking, validation, and other quality assurance capabilities.
    • Have a standard file format, transferable (portable) among PSA software programs.
  • PSA data needs the following:
    • Coordinated format, sources, compilation, analyses, assimilation, and data bases.
    • Coordinated platform for secure international access and dissemination.
    • Transparent and traceable data flow from the source to the model.
  • Needed or strongly desired supporting characteristics:
    • Standard and consistent semantics.
    • An Extensible Mark-up Language (XML) format for data, PSA models, and PSA software.
    • Ability to interface with Human Reliability Analysis software.
    • The capability for Markov processes, Bayesian analysis, and fragility analysis.
  • Inclusion of Boolean Driven Markov Processes (BDMP), dynamic event trees, and Failure Modes and Effects Analyses (FMEA).

The series of constructively collegiate meetings mentioned above, offered, discussed, and dispositioned a number of valuable perspectives. A candid observation was that while many agreed that to pursue and attain these goals was necessary, there appeared to be no sustained effort in that direction. It was concluded that “we needed to act.” Consequently, a series of progressive and supportive steps was discussed and envisioned. An important first step was to develop and validate an Open PSA Model Exchange Format (OPSAMEF).

A number of PSA software developers were approached to work with the Open PSA Initiative. Scandpower, now a member of the non-profit organization, Lloyd’s Register, took the lead to validate that a RiskSpectrum PSA model [from the German KKP Nuclear Power Plant (NPP)] could be exported into the OPSAMEF and reimported from it. In this regard, Scandpower developed a “RiskSpectrum IMDRXML” software application to export the KKB PSA model from RiskSpectrum into the OPSAMEF and from the OPSAMEF back into RiskSpectrum.

In accordance with the requirements of this project, Scandpower issued a user manual, RiskSpectrum IMDR-MEF. In addition to the Scandpower efforts, parallel efforts to a less extent were made with CAFTA, RiskMan, and ASTRA (a non-nuclear application) PSA models.

The fundamental goal of this first step was that exported as well as re-imported PSA models to and from the OPSAMEF and among the various PSA software have the same clear understanding. The overall conclusion is that these efforts have achieved a high level of success, and there is confidence that the remaining challenges can and will be overcome.


The results of the project have been completely successful:

  • The creation of small benchmark models that will be used both for this project and for future uses;
  • The design of translators from RiskSpectrum® internal format and CAFTA® internal format to the OPSA-MEF and vice-versa;
  • The validation of OPSA-MEF on the Kernkraftwerk Brunsbuettel (KKB) Level 1 PSA;
  • The issuance of reports describing and commenting the experiments performed to validate OPSA-MEF;
  • Independent validation by the Joint Research Center (JRC), Ispra Italy, using their PSA software, ASTRA®.

The OPSAMEF was exercised; refinements were proposed (especially with additional grammar constructs) from lessons learned from the validation; and the process was validated at a “proof of concept” stage. The fundamental goal has been achieved to about 85%. The remaining 15% may be a more challenging task. Part of the remaining challenge will be to update and maintain a successful OPSAMEF as a living tool for use among various PSA models.

The success with the OPSAMEF and the RiskSpectrum IMDR-XML software application, in light of the fact that RiskSpectrum has approximately 400 customers internationally and is the most widely used PSA software in the world, has gained the attention of a considerable population of users of other PSA software. This is very important because a significant goal expressed by at least one major European regulator and by at least one European nation operating a large number of NPPs is to work with PSA and PSA applications among NPPs and regulators with a consistent PSA model and user interface. Such consistency in analyses and communications will help focus available resources on the most safety significant considerations and contribute to increased safe NPP design, construction, operation, and maintenance.

As presented above, the Open PSA Initiative has an ambitious catalog of goals, and the development of the OPSAMEF and the RiskSpectrum IMDR-MEF contribute to the initial step. Future steps to the achievement of the full catalog of goals are anticipated. One additional long term goal is to accommodate expressed interest and demonstrated measure of success in exploring the application of the OPSAMEF to industrial areas other than the nuclear power plant safety assessment.

Some anticipated near term future activities are anticipated to include the following:

  • Workshops on the Open PSA Initiative.
  • Submission of papers for the following conferences or publications:
    • 10th International Probabilistic Safety Assessment & Management Conference (PSAM 10), Seattle, Washington, USA, 7-11 June 2010.
    • The 8th Maîtrise des Risques et Sûreté de Fonctionnement, Oct 2010, La Rochelle, France, in the Field of Innovation and Risk Management.
  • Article for Scientific Review.
  • Future ESREL Conference. ESREL conferences are scheduled in Rhodes, Greece in September 2010 and in Troyes, France in September 2011.

Finally, The Open PSA Initiative Website is established at

4. Project Participants

Contact Names Affiliation
Bäckström, Ola Relcon Scandpower AB
Becker, Günter RiSA Sicherheitsanalysen GmbH
Cepin, Marko IJS
Contini, Sergio EC JRC – Institute for the Protection and Security of the Citizen
Cojazzi, Giacomo EC JRC – Institute for the Protection and Security of the Citizen
Cronin, Frank ABS Consulting
Dassy, Françoise Suez Tractebel
da Zanna, Chiara TU Delft
Dres, Dennis Kernkraftwerk Leibstadt AG (KKL)
Duamp, Francois IRSN
Epstein, Steve (Woody) ABS Consulting
Hendrickx, Isabelle Suez Tractebel
Hibti, Mohamed EdF
Klugel, Jens Kernkraftwerk Goesgen AG (KKG)
Lannoy, André IMdR
Lundstedt, Lars Relcon Scandpower AB
Marle, Leila IMdR
Nusbaumer, Oliver Kernkraftwerk Leibstadt AG (KKL)
Rauzy, Antoine Dassault Systèmes
Richner, Martin NOK
Santos, Roberto Herrero CSN
Meléndez Asensio, Enrique CSN
Reinhart, Mark Interaction Internationale
Sörman, Johan Relcon Scandpower AB
Matuzas, Vaidas EC JRC – Institute for the Protection and Security of the Citizen