Probability analysis is best used where failure statistics are good, for example, in control systems that are made up largely of conventional components. To date, probability analysis is not used regularly in accident analysis.

However, pseudo-probability analysis, otherwise known as engineering judgment, has been supplemented in some cases by statistical analysis and by partial probability analysis. For example, failure of scram systems has been variously estimated at between 10-4 and 10-e per reactor year despite the difficulty of quantizing possible short-circuit paths. On a somewhat firmer basis (17), from an analysis of safety and shim rod hang-ups in the SM-1A reactor at Fort Greeley in Alaska during a 72-month period, the probability of failure to scram on a two out of three system is calculated to be 4.1-Ю-4 per reactor year. Such an analysis applies to a particular reactor system but in general can be applied to any plant protective system composed of similar parts.

On a somewhat more speculative basis and applying now directly to the sodium-cooled fast reactor, one analyst has applied the figure of 10~8 per reactor year to the probability that a small local failure in a fuel subassembly would propagate to a neighboring assembly. The error on this probability figure would be as much as two orders of magnitude either way!

In general then, the fast reactor is in the same position as the thermal systems: there is a desire to use probability theory to aid in the assessment of reactor safety, and a good deal of work is being done to apply the theory to protective systems and systems that use components for which failure rates are reasonably well known (18-20). In addition, further effort is being applied to overall containment analysis, where quantitative engineering judgment is used in place of failure rate data (21, 22).

When failure rates for reactor components become known (see Section 3.1), then probability analysis of system safety will undoubtedly be an established assessment method. Such a method will clearly be used initially to improve the reliability of reactor subsystems, such as the protective system or emergency core-cooling system (19), but ultimately general safety accident analysis should benefit by an application of these methods.