Clark School Home UMD

Software

CRR often develops software tools as part of sponsored research or in support of its own internal R&D.  Some of these products are also available to those interested either directly through the Center or through commercial distributors. A partial listing of the software developed at CRR is provided in the following. For more information contact CRR Administrative Assistant.

IRIS (Integrated Risk Information System)

 Developed for the US Federal Aviation Administration for risk-informed safety oversight, 2007

screenshotIRIS software is a platform to perform Probabilistic Risk Analysis (PRA) based on the Hybrid Causal Logic (HCL) methodology. The HCL methodology employs a model-based approach to system analysis. The framework contains a multi-layer structure that integrates ESDs, FTs, and BBNs without converting the entire system into a large BBN.  This allows the most appropriate modeling techniques to be applied in the different individual domains of the system. The scenario or safety context is modeled in the first layer using Event Sequence Diagrams.  In the next layer, Fault Trees are used to model the behavior of the physical system as possible causes or contributing factors to the incidents delineated by the ESDs. The Bayesian Belief Networks in the third layer extend the causal chain of events to potential human and organizational roots. The connections between the BBNs and ESD/FT logic models are formed by binary variables in the BBN that correspond to basic events in the FTs, or Initiating Events and Pivotal Events in the ESDs. The probability of the connected events is thus determined by the BBN. In order to quantify the hybrid causal model it is necessary to convert the three types of diagrams into a set of models that can communicate mathematically.  This is accomplished by converting the ESDs and FTs into Reduced Ordered Binary Decision Diagrams (ROBDD). BBNs are not converted into ROBDDs; instead, a hybrid ROBDD/BBN is created.  In this hybrid structure, the probability of one or more of the ROBDD variables is provided by a linked node in the BBN.

IRIS provides a framework to identify risk scenarios and contributing events; calculates probabilities of the various risk scenarios; calculates event risk (probabilities of the undesired events) and identifies the impact of specific changes; and ranks risk scenarios and risk contributors by their probabilities. In addition, IRIS provides tools for hazard identification such as highlighting functions. Trace and drill down functions are provided to facilitate the navigation through the risk model.  IRIS also includes a risk indicator feature that allows the user to monitor system risk by considering the frequency of observation and risk significance of particular events (indicators) in the model.  All IRIS features can be implemented with respect to one risk scenario or multiple scenarios, e.g., all of the scenarios leading to a particular category or type of end state.

The GUI is broken down into two main functions: modeling and analysis.  The modeling functions allow the user to build and edit ESDs, FTs, and BBNs.  The analysis functions produce cut-sets, importance measures, and risk indicators.  The user can navigate between the modeling and analysis functions by selecting from a set of tabs at the bottom of the screen.


QRAS (Quantitative Risk Analysis System)

Developed for NASA for Space Shuttle mission risk management, 1997, 2001, 2002 developed for NASA (currently a commercial software used by several government agencies and industries worldwide).

screenshot


SimPRA (Simulation Based Probabilistic Risk Analysis System)

Developed for risk-based design of complex hybrid systems under a grant from NASA, 2005

screenshotSimPRA is an adaptive-scheduling simulation-based DPRA environment developed at the University of Maryland under NASA funding. SimPRA provides an extensive and multi-layered risk model building capability to capture engineering knowledge, design information, and any available information from operating experience, simplifying (and in part automating) the tasks typically undertaken by the risk analysts. In the SimPRA framework, the estimation of end state probabilities is based on the simulation of system behavior under stochastic and epistemic uncertainties. A new scenario exploration strategy is employed to guide the simulation in an efficient and targeted way. The SimPRA environment provides the analysts with a user-friendly interface and a rich DPRA library for the construction of the system simulation model. In SimPRA, a high-level simulation scheduler is constructed to control the simulation process, generally by controlling the occurrence of the random events inside the system model. To stimulate the desired types of scenarios, the input to the simulation model is also controlled, using scheduling algorithms. Rather than using a generic wide-scale exploration, the scheduler is able to pick up the important scenarios, which are essential to the final system risk, thus increasing the simulation efficiency.  To do that, a high-level simulation planner is constructed to guide the scheduler to simulate the scenarios of interest. Therefore the SimPRA environment has three key elements: planner, scheduler, and simulator. The planner serves as a map for exploration of risk scenario space. The scenarios of interest are highlighted in the planner. The scheduler manages the simulation process, including saving system states, deciding the scenario branch selection, and restarting the simulation. The scheduler guides the simulation toward the plan generated by the planner. The scenarios with high importance would be explored with higher priority, while all other scenarios also have a chance to be simulated. Scheduler would favor the events with higher information and importance values. This is done with an entropy-based algorithm


ADS (Accident Dynamics Simulator)

Performs dynamic probabilistic risk assessment of technological systems, developed under grants from UMD, US Nuclear Regulatory Commission, Electric Power Research Institute, Ship Research Institute of Japan, Paul Scherrer Institute, Switzerland, 1993, 2001, 2006.

screenshotDynamic probabilistic risk assessment methods can improve nuclear plant probabilistic risk assessment (PRA) by providing rich contextual information and an explicit consideration of feedback arising from complex equipment dependencies and operator actions. The Accident Dynamics Simulator paired with the Information, Decision, and Action in a Crew context cognitive model (ADS-IDAC) is one such dynamic method that shows promise for supported nuclear power plant risk assessments. The ADS-IDAC environment couples a thermal-hydraulic model with an operations crew cognitive model to permit the dynamic simulation of operator performance during nuclear power plant events. ADS-IDAC generates a discrete dynamic event tree (DDET) using simplified branching rules to model variations in crew responses. Branching events may include hardware failures; operator decisions or actions; and stochastic timing variabilities. In ADS-IDAC, the experience and training of each crew operator is reflected in the ADS-IDAC knowledge base. The knowledge base captures the information needed to assess the plant state, execute procedural actions, and match memorized response actions to perceived plant needs.

Compared to more traditional risk assessment methods such as static linked event and fault tree approaches, dynamic PRA methods offer a number of significant advantages.  Because a simulation model can provide a more realistic representation of plant accident response, the time available for operator actions, the presence (or absence) of key diagnostic cues, and contextual information about accident scenarios can be more directly assessed in support of human reliability analysis.  Plant procedures and skill- and rule-based actions can be directly simulated in order to better account for feedback from the nuclear plant to the operations crew and assist in the identification of situational contexts where operators may commit errors of commission.  Because dynamic simulation methods more explicitly represent the timing and sequencing of events, directly calculate the impact of variations of hardware and operator performance on the plant model, and are capable of capturing complex interdependencies, system success criteria is more realistic and does not include conservatisms due to scenario binning that is sometimes found in traditional static PRA models.


ReDCAS (Reliability Data Collection and Analysis System)

Performs Bayesian reliability analysis based on on heritage data, test results during development phase and design engineer judgment. The software produces predictions of reliability and tracks reliability growth of new products during the development phase. ReDCAS methods and software development effort was sponsored by the Ford Motor Company.