Rongyao Cai,Xiao Xv,Zhengming Lu,Kexin Zhang,Yong Liu

DOI: https://doi.org/10.1109/isas61044.2024.10552597

2024-01-01

Abstract:Fault tree analysis is the most commonly used methodology in industrial safety analysis to predict the probability or frequency of system failure. Although fault tree analysis has been proposed for more than six decades, the assumptions used in most commercial fault tree analysis codes have not changed significantly, which limits the ability of the method to represent design, operation, and maintenance characteristics in the context of the increasing complexity and specialization of modern industrial systems. The basic setup of traditional fault trees is unable to include dependencies between events, time-varying failures, and repair rate realities to explain complex maintenance strategies. To address the above shortcomings, we propose a fusion tree model combining fault tree and attack tree, and simplify the causal structure of the fusion tree by modularization, and utilize the dynamic Markov model to represent the complex coupling relationship between components or nodes. Finally, we demonstrate the calculation process of fusion tree in pressure vessel systems with temporal control.

Zhaohui Liu,Zhiqiang Wu,Xiaohua Yang

DOI: https://doi.org/10.1299/jsmeicone.2015.23._icone23-1_199

2015-01-01

The Proceedings of the International Conference on Nuclear Engineering (ICONE)

Abstract:In NPP, the digital control system which integrated software and hardware are increasingly used to improve dependability and introduce new functionality. Traditional safety analysis can get a good result when handling accidents caused by component failures, but software does not fail in this way. STPA is a new hazard analysis technique based on systems theory rather than reliability theory. It considers the system as a whole (include the hardware and software) to analyze failure and causality of systems and treats safety as a control problem rather than a failure problem. Being a safety-critical system, RPS in NPP needs to be considered carefully in system safety. So, we adopt this new approach to analyze the design process. From the analysis results, we found that causal factors leading to safety accidents identified by STPA included all the hazards identified by the fault tree analysis. Furthermore, there are some causal factors that were identified by STPA only. We utilize these results of the analysis on causation factor to refine the safety requirements and reduce the occurrences of the hazardous scenarios.

Edward Chen,Han Bao,Tate Shorthill,Carl Elks,Nam Dinh

DOI: https://doi.org/10.48550/arXiv.2205.12075

2022-05-24

Software Engineering

Abstract:In recent years, there has been considerable effort to modernize existing and new nuclear power plants with digital instrumentation and control systems. However, there has also been considerable concern both by industry and regulatory bodies for the risk and consequence analysis of these systems. Of concern are digital common cause failures specifically due to software defects. These failures by the software can occur in both the control and monitoring of a system. While many methods have been proposed to identify software failure modes, such as Systems Theoretic Process Analysis, Hazard and Consequence Analysis for Digital Systems, etc., these methods are focused primarily on the control action pathway of a system. In contrast, the information feedback pathway lacks Unsafe Control Actions, which are typically related to software basic events; thus, assessment of software basic events in such systems is unclear. In this work, we present the idea of intermediate processors and Unsafe Information Flow (UIF) to help safety analysts trace failure mechanisms in the feedback pathway and how they can be integrated into a fault tree for improved assessment capability. The concepts presented are demonstrated in two comprehensive case studies, a smart sensor integrated platform for unmanned autonomous vehicles and another on a representative advanced human system interface for safety critical plant monitoring. The qualitative software basic events are identified, and a fault tree analysis is conducted based on a modified Redundancy guided Systems theoretic Hazard Analysis methodology. The case studies demonstrate the use of UIFs and intermediate processors in the fault tree to improve traceability of software failures in highly complex digital instrumentation feedback. The improved method clarifies fault tree construction when multiple component dependencies are present in the system.

Tate Shorthill,Han Bao,Hongbin Zhang,Heng Ban

DOI: https://doi.org/10.1080/00295450.2021.1957659

IF: 1.667

2021-11-05

Nuclear Technology

Abstract:Digital instrumentation and control (I&C) upgrades are a vital research area for the nuclear industry. Despite their performance benefits, deployment of digital I&C in nuclear power plants (NPPs) has been limited. Digital I&C systems exhibit complex failure modes including common cause failures (CCFs), which can be difficult to identify. This paper describes the development of a redundancy-guided application of the Systems-Theoretic Process Analysis and fault tree analysis for the hazard analysis of digital I&C in advanced NPPs. The resulting Redundancy-Guided Systems-Theoretic Hazard Analysis (RESHA) is applied for the case study of a representative state-of-the-art digital reactor trip system. The analysis qualitatively and systematically identifies the most critical CCFs and other hazards of digital I&C systems. Ultimately, the RESHA can help researchers make informed decisions for how, and to what degree, defensive measures such as redundancy, diversity, and defense in depth can be used to mitigate or eliminate the potential hazards of digital I&C systems.

nuclear science & technology

Boyuan Li,Duo Li,Jianghai Li,Chao Guo,Huasheng Xiong,Shuqiao Zhou,Xiaojin Huang

DOI: https://doi.org/10.1115/icone31-135382

2024-01-01

Abstract:Abstract With the increasing dependence on digital instrumentation and control (I&C) systems in nuclear power plants, software has become a significant determinant of system safety assurance. To expand the use of digital technology in the nuclear industry, systematic methods are required for quantifying the safety of software-based I&C systems in safety critical applications. A software safety quantification model limited to the requirements phase is built in this paper based on the causal mechanisms that challenge safety. A preliminary mathematical method was developed to assess the number of requirements faults, their sub-types, their hazard rates and a control gate that allows determination of when to move beyond the requirements phase. A case study is conducted on a function of a reactor protection system to verify the validity of the quantification model. The framework allows us to assess software safety quantitatively.

JULWAN HENDRY PURBA,JIE LU,GUANGQUAN ZHANG

DOI: https://doi.org/10.1142/s1469026814500175

2014-09-01

International Journal of Computational Intelligence and Applications

Abstract:Fault tree analysis for nuclear power plant probabilistic safety assessment is an intricate process. Personal computer-based software systems have therefore been developed to conduct this analysis. However, all existing fault tree analysis software systems only accept quantitative data to characterized basic event reliabilities. In real-world applications, basic event reliabilities may not be represented by quantitative data but by qualitative justifications. The motivation of this work is to develop an intelligent system by fuzzy reliability algorithm in fault tree analysis, which can accept not only quantitative data but also qualitative information to characterized reliabilities of basic events. In this paper, a newly-developed system called InFaTAS-NuSA is presented and its main features and capabilities are discussed. To benchmark the applicability of the intelligent concept implemented in InFaTAS-NuSA, a case study is performed and the analysis results are compared to the results obtained from a well-known fault tree analysis software package. The results confirm that the intelligent concept implemented in InFaTAS-NuSA can be very useful to complement conventional fault tree analysis software systems.

Hongbin Zhang,Han Bao,Tate Shorthill,Edward Quinn

DOI: https://doi.org/10.1080/00295450.2022.2076486

IF: 1.667

2022-07-13

Nuclear Technology

Abstract:Upgrading the existing analog instrumentation and control (I&C) systems to state-of-the-art digital I&C (DI&C) systems will greatly benefit existing light water reactors. However, the issue of software common cause failure (CCF) remains an obstacle in terms of qualification for digital technologies. Existing analyses of CCFs in I&C systems mainly focus on hardware failures. With the application and upgrading of new DI&C systems, design flaws could cause software CCFs to become a potential threat to plant safety, considering that most redundancy designs use similar digital platforms or software in their operating and application systems. With complex multilayer redundancy designs to meet the single failure criterion, these I&C safety systems are of particular concern in U.S. Nuclear Regulatory Commission licensing procedures. In Fiscal Year 2019, the Risk-Informed Systems Analysis (RISA) Pathway of the U.S. Department of Energy's Light Water Reactor Sustainability Program initiated a project to develop a risk assessment strategy for delivering a strong technical basis to support effective, licensable, and secure DI&C technologies for digital upgrades and designs. An integrated risk assessment for the DI&C process was proposed for this strategy to identify potential key digital-induced failures, implement reliability analyses of related digital safety I&C systems, and evaluate the unanalyzed sequences introduced by these failures (particularly software CCFs) at the plant level. This paper summarizes these RISA efforts in the risk analysis of safety-related DI&C systems at Idaho National Laboratory.

nuclear science & technology

Yukun Tian,Jianghai Li,Xiaojin Huang

DOI: https://doi.org/10.1115/icone29-93395

2022-01-01

Abstract:Abstract Cyber security risk analysis can identify and assess factors that may damage to the system such as digital instrumentation and control system of nuclear power plants. Performing cyber security risk analysis is important for instrumentation and control system of nuclear power plants because it could assess overall impacts of risks and help to identify vulnerabilities to determine next steps to address security risks. With the integration of information system and physical system, cyber security of information system and functional safety of physical system interact with each other, resulting in a type of new comprehensive security problem and introducing serious security risks. Most of the existing cyber security risk analysis methods pay more attention to cyberattacks like attack tree analysis method, Petri net method, and Bayesian network method. STPA-SafeSec is a top-down security risk analysis method focusing on the system itself based on system theory, which starts from unacceptable losses of the system and pays attention to the causal factors that produce unsafe control. In this paper, STPA-SafeSec is applied to the primary circuit pressure control system of high temperature gas-cold reactors in order to perform the hazard analysis of integrated risk assessment for both functional safety and cyber security. The application details are given and a part of the hazardous scenarios tree is obtained for the formulation of mitigation strategies.

Wang Hao,Tian Cong,Zhou Shiliang,Liu Yu Yuan,Shahroze Ahmad

DOI: https://doi.org/10.1115/icone24-60833

2016-01-01

Abstract:Instrumentation and control (I&C) system is central nervous system of nuclear power plant (NPP), so its reliability is very important for the safety of NPP. Now Digital I&C system (DICS) is widely used in NPP, its reliability should be analyzed more carefully due to the more complex interaction among its components than analog I&C system. The interaction among DICS can be divided into type I and type II. The former is the interaction among sensor failure, controller failure and actuator failure, the latter is the interaction among hardware\software components of DICS. Limited by static Boolean logic, traditional fault tree is hard to model the dynamic interaction among DICS, so dynamic modelling method is required. In this paper, Dynamic flowgraph methodology (DFM) is used for reliability analysis of a subsystem of NPP DICS, namely APC (Automatic Power Control System). The proposed dynamic flowgraph modelled type I and type II interaction among APC and reliability of APC is assessed via inductive and deductive analysis. In the inductive analysis, three basic events (user defined combination of states) are considered, which includes sensor failure, SRB failure and master\checker processor failure, and the sequence of events caused by these basic events are tracked. In the deductive analysis, top event (combinations of possible system parameters and/or component states) is defined as actual control rod position is lower than demanded, and four combinations of basic events are tracked according to occurrence probability of their corresponding event.

Shiyu Yan,Hua Liu,Zhaohui Liu,Xiaohua Yang,Meng Li,Zhi Chen

DOI: https://doi.org/10.1115/icone26-81879

2018-01-01

Abstract:In view of control rod ejection accident of the traditional pressurized water reactor, the safety thought of the design phase is to validate reliability and availability of DCS I&C in the severe accidents. Now the most important and effective means is simulation calculation and analysis. It is applied for the imaginary accident of the nuclear power plant by using computer software. The new safety analysis steps based on the analysis of cause-and-effect logic failure: firstly, the composition and working principle of control rod drive mechanism is analyzed; secondly, a list of factors-the dynamics and structure, environmental reasons, the function of the control rod drive mechanism and status analysis-are all taken into account, the initial cause of failure modes with causal logic analysis is carried out; thirdly, based on cause-and-effect logic failure, the prevention and improvement measures of accidents, the new criterion of design are put forward. The advantages of cause-and-effect logic failure safety analysis: 1.be based on causal logic. 2. the system aspects is added compared with the past method that is only based on simulation calculation and analysis of the hypothetical accident, the accident the transient process of the key security parameters as the acceptance criteria. 3. The verification and audit of the lack of safety design criteria, completeness of design content, sufficiency problem are performed before the simulated calculation and analysis. 4. The coverage of safety analysis is expanded. Some good advices are provided for the design, operation and maintenance of nuclear power plant.

Zhi-wen WANG,Zhi-huan SONG

DOI: https://doi.org/10.3969/j.issn.1009-6094.2010.01.048

2010-01-01

Applied Mechanics and Materials

Abstract:To improve the objectivity and comprehensiveness of the safety assessments of the thermal power plant, a renovated method of safety assessment for thermal power plants has been proposed here in this paper based on the three dimensions: the maximum limits, the minimum limits and the restrictions on the middle region, as well as the data envelopment analysis (DEA) module. As each indicator can then be subdivided into some sub-indicators, the potential safety degree can be guaranteed by using scores evaluated by the specialists. Thus, the three-dimensional original data can then be uniformly processed into intervals [0,1], in which weight-related indicators relate to the safety parameters so that the potential safety can be determined by the analytic hierarchical parameters. The final results of the safety assessment can thus be denoted by four evaluation grades: the danger grade, slight danger grade, the slight safety and full safety grades by using the graded fuzzy membership functions. The method here mentioned takes full advantage of the power plants' existant quantitative indicators and non-quantifiable indicators by using real-time operating parameters of the equipment installations and human experience, all of which can form a comprehensive organic system to make the evaluation results both comprehensive and objective. The distinguished features of such an evaluation method lies in that it provides a new research idea for safety evaluation both of the objective data and subjective factors organically so that it can serve as a good reference to the other safety assessments of complex systems. And, finally, an example has been given to demonstrate the way on how to use the three-dimensional computational procedure. Thus, it can be concluded that the safety assessment method is fully feasible for the target it is aimed at.

Edward Chen,Han Bao,Tate Shorthill,Hongbin Zhang,Nam Dinh

DOI: https://doi.org/10.48550/arXiv.2209.05480

IF: 6.4588

2022-09-11

Human-Computer Interaction

Abstract:Human-system interface is one of the key advanced design features applied to modern digital instrumentation and control systems of nuclear power plants. The conventional design is based on a compact workstation-based system within the control room. The compact workstation provides both a strategic operating environment while also a convenient display for plant status information necessary to the operator. The control environment is further enhanced through display panels, visual and auditory alarms, and procedure systems. However, just like the legacy control, the HSI should incorporate diversity to demonstrate sufficient defense-in-depth protection against common cause failures of the safety system. Furthermore, the vulnerability of the HSI is affected by a plethora of factors, such as human error, cyberattacks, software common cause failures, etc., that complicate the design and analysis. Therefore, this work aims to identify and evaluate existing system vulnerabilities to support the licensing, deployment and operation of HSI designs, especially the functions that are relevant to a reactor trip. We performed a systematic hazard analysis to investigate potential vulnerabilities within the HSI design using the novel redundancy-guided systems-theoretic hazard analysis. This method was developed and demonstrated by Idaho National Laboratory under a project initiated by the Risk-Informed Systems Analysis Pathway of the U.S. Department of Energy's Light Water Reactor Sustainability Program. The goal of the project is to develop a strong technical basis for risk assessment strategies to support effective, reliable, and licensable digital instrumentation and control technologies.

Chao Guo,Huasheng Xiong,Duo Li,Shuqiao Zhou

DOI: https://doi.org/10.1115/icone24-60535

2016-01-01

Abstract:Nuclear safety is one of the key issues for a nuclear power plant (NPP). Digital instrumentation and control (I&C) systems have been employed gradually in the newly-built and upgraded NPPs, while the reliability of software brings great challenges to the Probability Risk Assessment (PRA) of NPPs. Software testing is regarded as one of the most important methods to guarantee the quality of safety software. The testing data can then be adopted to assess the coding quality by reliability modelling. As the variety of digital I&C systems, software modelling methods corresponding to particular I&C system, as well as a model which is suitable in all situations, are both expected.The Reactor Protection System (RPS) in High Temperature Gas-Cooled Reactor - Pebble bed Module (HTR-PM) is the first digital RPS designed and to be operated commercially in China. As the designer, we also took part in the software testing work of this digital I&C system. In this paper, we gave a comprehensive introduction to the software testing and reliability modelling research of RPS in HTR-PM, including the objective, tools, methods, testing strategy, organizational structure, and the implementation phases.During the testing experience of safety software of RPS in HTR-PM, we collected the software abnormal reports which could be employed for the reliability analysis to evaluate the quality of the safety software. We introduced the data mining and reliability modelling research according to the abnormal reports. Different characteristics of faults could be used for software reliability modelling, such as software version, fault severity, test stage, submission date, debugging data, and so on. In the end we introduced a software modelling method based on severity analysis of the abnormal reports.The work we showed in this paper can contribute to improve the process of testing and reliability analysis for other digital I&C systems in NPPs.

Hu Yuehua,Li Lin,Yan Zhen,Song Lei

DOI: https://doi.org/10.1115/icone25-66454

2017-01-01

Abstract:Systematic multiple spurious operation review is the important basement of Fire PSA Component Selection and Fire Induced Risk Modeling. It is a task of systematically evaluation of all plant systems and identification of equipments susceptible to potential spurious actuation that may challenge safe shutdown capability via spurious operations, which can ensure that the fire PSA model addresses the impacts of single spurious operations (SSOs) and multiple spurious operations (MSOs). In this paper, different methodologies of systematic multiple spurious operation review are studied and it is found that two methodologies are given in literature published at home and abroad: one methodology is development of comprehensive plant specific MSO list by panel review. This methodology is based on generic list of MSOs combined with plant specific information review. This methodology proposes high requirements for the expert panel and hard to avoid missing of some scenarios. Another methodology is review of all plant systems and components to receive SSOs, and then using MSO matrix to evaluate and encode each unique pair to receive MSOs that disable the system function. This methodology can ensure the integrity of MSO list, but the matrixes are too complicated. In this paper, the fault tree method is employed to improve the matrix method in the MSO evaluation process of the latter methodology. Reactor Coolant System (RCS) is taken as an example to describe the application of this method to CAP1000. Engineering practice shows that the fault tree method can effectively avoid omissions of MSO scenarios, and it is more useful and simple for tertiary or quaternary MSO evaluation, as well as more convenient for further MSO evaluation due to cross system issues. Furthermore, MSO fault trees can be directly called by fire PSA model for evaluation, which can lay a foundation for the follow-up work of fire PSA.

Qingzhu Liang,Mingxing Liu,Peng Xiao,Yun Guo,Jun Xiao,Changhong Peng

DOI: https://doi.org/10.1155/2020/8839399

IF: 0.849

2020-01-01

Science and Technology of Nuclear Installations

Abstract:The aim of this study is to verify if the reliability of a digital four-channel RPS under the design phase satisfies the specified target and to identify the weakness of system design and potential solutions for system reliability improvement. The event-tree/fault-tree (ET/FT), which is the method used in the current probabilistic safety assessment (PSA) framework of nuclear power plants (NPPs), was adopted to developed reliability modeling for the RPS with the Top Events defined as the system failure to generate reactor trip signal and the system generating spurious trip signal. The evaluation results indicate that the probability of the system failure on demand and the frequency of spurious trip signal generation are 1.47 × 10−6 with a 95% upper bound of 4.63 × 10−6 and 7.94 × 10−4/year with a 95% upper bound of 2.50 × 10−3/year, respectively. The importance and sensitivity analyses were conducted and it was found that undetected unsafe common cause failures (CCFs) of signal conditioning modules (SCMs) dominate the system reliability. Two preliminary optimization schemes relative to reducing periodic test interval and adapting two kinds of diverse SCMs were proposed. Results of the quantitive evaluation of the schemes show that neither of them could determinedly improve the system reliability to the target level. In the future, more detailed optimization analysis shall be required to determine a feasible system design optimization scheme.

Yu,Jiejuan Tong,Ruichang Zhao,Aling Zhang

DOI: https://doi.org/10.1109/icrms.2009.5270214

2009-01-01

Abstract:Probabilistic safety assessment(PSA) is a systemic engineering evaluating technology, having been widely used in the field of nuclear power plant safety evaluation, it reacts on improving safety of nuclear power plant significantly. Along with the nuclear technology development and application, dynamic characteristic of system is more and more important to the plant safety analysis. From 1980's,several kinds of dynamic reliability analysis methods have been proposed, among these methods, Monte Carol simulation(MC) and dynamic discrete event tree(DDET) are the two of the most promising ones, and they have advantages and disadvantages respectively. A new method combining the two methods is proposed in this paper, and system reliability analysis is made for continuous operation system in nuclear power plant. Based on the comparison with the result of fault tree(FT), program validation is proved, and applicability of the dynamic reliability analysis and FT is simply analysed.

Q. Z. Liang,Y. Guo,C. H. Peng

DOI: https://doi.org/10.1088/1755-1315/427/1/012018

2020-01-01

Abstract:The widely use of digital instrument and control (I&C) systems in nuclear power plants (NPPs) and their important role in plant safety put forward the requirement for developing reliability modeling for digital systems with the capacity to be integrated into the existing probabilistic safety analysis (PSA) framework. However, challenges arise in the reliability analysis which mainly come from the modeling of complex interactions among the system hardware, software, controlled process physics, and operator. Generally, these factors are analyzed separately since at present there isn't universal methods for modeling them in a uniform framework. In this paper, the research status of reliability modeling methodologies, software reliability assessment methods and human reliability analysis for digital instrument and control systems in NPPs were introduced. The survey results show that ET/FT is still the mainstream method in reliability studies of digital systems in NPPs, and DFM is a dynamic method with great potential. At present, there is no generally accepted software reliability analysis method. The researches about human errors under digital environment and the theoretical basis of corresponding human reliability analysis method is being developed.

Han Bao,Hongbin Zhang,Tate Shorthill,Edward Chen,Svetlana Lawrence

DOI: https://doi.org/10.1016/j.ress.2022.108973

2022-11-19

Abstract:Digital instrumentation and control (DI&C) systems at nuclear power plants (NPPs) have many advantages over analog systems. They are proven to be more reliable, cheaper, and easier to maintain given obsolescence of analog components. However, they also pose new engineering and technical challenges, such as possibility of common cause failures (CCFs) unique to digital systems. This paper proposes a Platform for Risk Assessment of DI&C (PRADIC) that is developed by Idaho National Laboratory (INL). A methodology for evaluation of software CCFs in high safety-significant safety-related DI&C systems of NPPs was developed as part of the framework. The framework integrates three stages of a typical risk assessment—qualitative hazard analysis and quantitative reliability and consequence analyses. The quantified risks compared with respective acceptance criteria provide valuable insights for system architecture alternatives allowing design optimization in terms of risk reduction and cost savings. A comprehensive case study performed to demonstrate the framework's capabilities is documented in this paper. Results show that the PRADIC is a powerful tool capable to identify potential digital-based CCFs, estimate their probabilities, and evaluate their impacts on system and plant safety.

engineering, industrial,operations research & management science

Hua Liu,Xiao-Hua Yang,Zhao-hui Liu,Meng Li,Zhi Chen,Zhigang Feng,Qing Zhao

DOI: https://doi.org/10.1115/icone26-81486

2018-01-01

Abstract:From the general industrial control system to the nuclear power plant control platform, the threat of information security has its own particularity more than continuity.The original dedicated system in general industrial area is gradually replaced by many common protocol, software and equipment. As a result, the security vulnerabilities are more likely to be used illegally. For a specific nuclear power plant digital control platform-NASPIC, the vulnerability analysis of platform is performed. Mainly two aspects of technology and management are to be carried out. For technical aspects, four categories problems-unauthorized execution, unauthorized write, unauthorized reading and reject service-are analyzed. Management is mainly about the lack of management strategy and strategy vulnerability. By analyzing the fragility of the instrument control platform, the key equipments, key channels and key modules are proposed. The qualitative and quantitative rules are deduced for evaluation of NASPIC information security.

Rania A. Fahmy,Hala K. Selim

DOI: https://doi.org/10.1007/s00202-023-01949-6

IF: 1.63

2023-07-29

Electrical Engineering

Abstract:Reliability data is necessary for probabilistic safety assessment (PSA) of a nuclear power plant to assess the performance of the safety systems. One well-known modeling technique in PSA is a fault tree analysis (FTA). However, dynamic failure of complex systems cannot be adequately modeled by traditional static fault trees. Therefore, to overcome this deficiency and to effectively assess the reliability of real complex systems, the concept of dynamic fault tree (DFT) is introduced by defining additional gates called dynamic gates to the traditional fault tree. DFTs are now successfully applied in dynamic failure systems reliability evaluation, design and risk management due to their simplicity and powerful dynamic modeling capacity. The containment spray system (CSS) is one of the confinement safety systems in pressurized water reactor. The basic purpose of CSS is to cool the atmosphere of the containment when its internal pressure surpasses a specific limit. The aim of this study is to develop a DFT for the CSS. Monte Carlo simulation approach is applied to implement the dynamic gates of DFT using Python programming language. This study investigates the effectiveness of DFT in presenting accurately the dynamic failure behaviors of CSS and the effectiveness of the simulation to calculate the reliability indices. Also, an importance measure is calculated based on the developed DFT to measure the impact and contribution of the CSS components on the total system risk.

engineering, electrical & electronic