A modelling framework for dynamic safety assessment

The concept of resilience is progressively making its way into the design, operation and management practice of complex engineering systems. The core of such trend lies with the integration of failure mechanisms in the modelling of systems since the very design phase, focusing on the ability to efficiently absorb and rapidly respond to threats rather than merely avoid them. This is expected to overcome the limitations of traditional design against-failure approaches, whose efficiency is often undermined by the strong uncertainty associated with rare or hardly predictable hazards. However, the potential advantages such a theoretical shift delivers have not yet been matched by the availability of adequate numerical tools and methodologies targeting the challenges associated with resilience analyses. The current literature and engineering practice lack of a widely agreed upon methodology for the assessment of systems resilience, or even for the definition of its metrics. This study proposes a novel approach for the estimation of the dynamic response of complex systems to safety threatening perturbations, aiming at providing a solid base for the evaluation of system resilience. The framework proposed relies on the use of Petri nets to capture both the physics of the processes entailed by the system operation and its interaction with the technological installation. The framework is applied to a case-study focusing on the response of a CANDU nuclear reactor to cyber incidents hindering the correct operation of the reactor control system and hence resulting in a loss of regulation threatening the structural integrity of the nuclear fuel.