Towards Super-Safety  Management of Nuclear Plants

   MKEM Server,

ENEA's Research Center Casaccia

In the frame of Socio-Cognitive Research and Nuclear Integrated Safety and Security Management

(Integrated Socio-Cognitive-Technological Research for




Research Virtual Group for Managerial Intelligence and Integrated Nuclear Safety


 Adam  Maria GADOMSKI  (It)

Massimo SEPIELLI (It)

Rocco BOVE (It)


Suman RAO (India)

 Corrado Antonio KROPP (It)


  Agostino MATHIS (It)


as well as ...








This page is still being edited




Method: Meta-Knowledge Management


Emergency Management


“No problem can be solved from the same level of consciousness that created it” [Albert Einstein]

"In order to improve the IAEA, its organizational culture should be changed in such a fashion to address the high priority of safety-related activities in the agency" (http://www-bcf.usc.edu/~meshkati/critical.html)

--- This site is still being updated, May 2008 ---


        SUPER-SAFETY - an initial working definition                                                          

Super-safety can be considered the state of a complex, potentially high-risk system/process in which different integrated technological and human defence measures successfully protect its environment against accidents which it could cause, and against all their possible consequences (distributed in space and time) leading to losses not acceptable to society.

In order to obtain and maintain the super-safety state of nuclear power systems/aggregates, proper Nuclear Integrated Safety Management (NISM) is required. This activity should encompass the whole life cycle of nuclear systems and the analysis of possible risk, and it requires a unified systemic approach to the identification and modeling of nuclear aggregates, as well as prevention and response preparation measures.

Because different actors are involved in NISM, such as plant personnel, stakeholders and policy makers, their roles require different but congruent perspectives on the safety problem.

        PROBLEM IDENTIFICATION - a systemic top-down perspective                               


        Critical aspects of nuclear energy safety: technological solutions, human errors and public acceptance.





              Fig. 1. The NISM approach: Sources of Human Errors  -  the plant operator perspective






              Fig. 2. The NISM approach: Propagation of the consequences of operators' Human Errors (Gadomski, 98).






       NUCLEAR SAFETY IMPROVEMENT LEVELS                                                                             


   The domain of Nuclear Integrated Safety Management is the whole life cycle of nuclear energy production and resources management. It includes the design, exploitation and decommissioning phases, as well as policy making. All of them require a common systemic meta-modeling framework.


    A.  General view of the improvement strategy for integrated nuclear safety at local and large scale (the TOGA classification criteria applied):

         - new or modified physical & technological nuclear processes for energy production

         - new or modified control processes (employing optimization and computer technologies)

         - new control & supervising technologies (new sensors and computer technologies)

         - new control & supervising strategies (operator's console system and human-organization efficacy)

         - new decision and policy making strategies (modeling of socio-cognitive infrastructures and cultural strategies implemented in new Intelligent Consoles as an active/Intelligent Decision Support Systems (IDSS) Network).


     B.  The vulnerability of human, organizational, socio-economic and cultural factors requires intelligent support for, and substitution of, plant operators and managers in well-defined decision-making tasks, such as precautionary decisions, risk mitigation and procedural emergency management.


          Human vulnerability levels relate to:


          1.   Operator level

          - plant operator - computer interactions (improvements: training and technologies for human-computer cognitive interactions)

          - operator decisions (improvements: training and IDSS - Intelligent Decision Support Systems)

          - operator - organization interactions (improvements: training and IDSS - Intelligent Decision Support

          2.   Organization level

          - managerial and organization decisions (improvements: models development, identification, training and IDSS - Intelligent Decision Support Systems for management).

          3.   Policy and Social Level

          - strategic policy makers - influence and coordination (improvements: theory and models development, identification, training and IDSS - Intelligent Decision Support Systems for policy making).

          - public opinion - politics (improvements: systemic cause-consequences models, technical information dissemination, human-friendly distributed network of IIS - Intelligent Information Systems).


  C.  The opinions of distinguished Italian experts related to new physical & technological processes (still a classical engineering perspective):

           - Agostino Mathis, Nuclear energy: reality and perspectives - A general point of view

           - Augusto Gandini, New reactors concepts and scenarios



  D. Opinions and expertise related to various forms of Nuclear Integrated Safety Management

        -   Mohamed El Baradei (IAEA Director General). Statement to the IAEA Board of Governors, 3 March 2008, Vienna, Austria. IAEA Board of Governors. Disarmament Documentation.

        -   Ernesto Zedillo (Director of the Yale Center for the Study of Globalization). Time to Strengthen the IAEA: With global demands for nuclear energy on the rise, the international regulator cannot be neglected. YaleGlobal Online, 7 August 2008.

        -   Jacques Repussard (Director General IRSN). Challenges of a Harmonized Global Safety Regime. IAEA 2007 Scientific Forum, Vienna, 18-19 September 2007.

        -   ...

        POSSIBLE SOLUTIONS IN THE SHORT AND MIDDLE TERM


      An Integrated Intelligent Supervisory and  Embedded Intelligent Infrastructure Network                 


      This means the development of a networked Super-safety Universal Intelligent Console for multi-role supervision, control, and management.

Its development requires advanced meta-knowledge engineering modeling, interdisciplinary technologies, a new systemic theory perspective, as well as research and economic resources. In particular:

-   Cognitive Ergonomic Technologies: human-friendly tools for information perception and command emission (images, virtual technologies, voice).

-   Top ontology and methodology: the TOGA meta-theory framework.

         Applying TOGA (Top-down Object-based Goal-oriented Approach), we distinguish 4 main layers of safety building and the problem/goal dependent points of view:

(1) natural safety: it employs only the safety properties of the physical processes engaged in the system's external functions.

(2) critical safety: it is realized by the shut-down of the system functions under critical conditions. Automatic switch-off equipment is installed.

(3) controlled safety: supervision of safety-indicating variables and model-based regulation of their control variables (in open and closed loops) are realized.

(4) super-safety: supervision of the controlled safety is performed; the models employed in the controlled safety layer can be modified according to the managerial preferences of the object/process owner or some external normative requirements.

Remark: An intrinsically safe nuclear technology is an integrated approach to safety analysis in the above-defined layers.

          -  Problem/goal dependent points of view (modeling perspectives), for example: safety for plants, safety for an airplane, safety for a society. In general, goal dependent points of view are either a set of conditions which are required for the safety of an object/system X, or a set of conditions which has to make it possible to achieve a safety level for a preselected object/system/material/process in a domain D.

         Here, in the natural safety layer (1), the first processes which have to be investigated and assessed are the process-components of the nonlinear dynamics of the reactor core. This field has been the domain of multi-year ENEA research. In other words, the operator has to know which are the critical processes, their indicators, and the efficacy of control variables, see also (*).


         - Business of Intelligence: protection/defense strategies employ high-intelligence infrastructures cooperating with human resources (operators, managers). It is an essential component of integrated models of super-safety for the management of nuclear plants.

         We should remember that only sufficiently precise models of human and organization decision-making make it possible to recognize its weak points, to simulate it, and to elaborate effective defense and protection strategies, as well as to design a network of intelligent decision support

         - All of these together are necessary for integrated nuclear super-safety management.



         Possible current ENEA's Interests, Research, Contributions and Applications

          - A. M. Gadomski, M. Sepielli. New Approach to Intelligent System for Nuclear Safety (ppt), IAEA, Vienna, June 2005.

          - A. M. Gadomski, M. Sepielli, C. A. Kropp, A. Ratto. Super-Safety Concept in Nuclear Integrated Safety Management: An example of on-line monitoring application to CRDM for operational safety. 5th HOLMUG Technical Working Group Meeting on “Nuclear Power Plant Control & Instrumentation”, Ringhals, Sweden, October 16-17, 2008 (ppt presentation-pdf).

          - A Methodology for Integrated Super-safety Management of Nuclear Power Systems (in preparation)


        General Vision Links:

           - Prof. Bernard L. Cohen, "THE NUCLEAR ENERGY OPTION", 1990:

              Understanding risk

              The next generation of nuclear power plants

           - IAEA Approach to Safety Standards

           - Human Factors Research and Nuclear Safety (book on-line - free, 1988)

           - A. M. Gadomski. Methodologies for Safety and Reliability (meta-modeling) - (2001) - e-paper.



          The results of Google search:

               nuclear super-safety: 334 docs - 18 Nov. 2008 - MKEM's pages are 1,2

               nuclear super-safety, management: 141 docs - 14 Nov. 2007 - This page is the first

               nuclear safety, high-intelligence: 12 900 docs - 14 Nov. 2007 - MKEM's pages are 1,2

               nuclear energy, intelligent: 833.000 docs - 9 Aug. 2005; 990 000 docs - 18 Nov. 2008 - MKEM's pages are 1,2

               nuclear safety, intelligent: 631.000 docs - 9 Aug. 2005, where MKEM server ENEA: 1,2; 1 570 000 docs - 14 Nov. 2007 - MKEM's page is 2nd; 491.000 docs - 18 Nov. 2008 - This page is the first




Archive: Research for Technological Safety (still being edited)

© 2005-2008, ENEA. Adam Maria Gadomski (ed). All rights reserved. This is a research server; it represents the research results & scientific opinions of the contributors, but not necessarily of ENEA. If you are interested in more exact information, please send an e-mail. The e-mail address is for professional purposes only.