Contents lists available at ScienceDirect Safety Science journal homepage: www.elsevier.com/locate/safety Dynamic simulation of knowledge based reasoning of nuclear power plant operator in accident conditions: Modeling and simulation foundations Yuandan Li a , Ali Mosleh b, ⁎ a Center for Risk and Reliability, University of Maryland, College Park, MD 20742, USA b University of California, 3111 Engineering V, Los Angeles, CA 90095-1595, USA ARTICLE INFO Keywords: ADS-IDAC Human reliability analysis Cognitive simulation Knowledge-based behavior Attention ABSTRACT This paper describes major additions to the modeling and simulation capabilities of the Accident Dynamic Simulator paired with the Information, Decision, and Action in a Crew context (ADS-IDAC), a platform for conducting dynamic probabilistic risk assessment (DPRA) of nuclear power plants. The new advancements are mostly in modeling of operator knowledge-based behavior in accident conditions, enhancing realism of the IDAC model, and simulation approach to Human Reliability Analysis (HRA). The focus is situation assessment and diagnosis of the accident cause. Knowledge-based reasoning plays an important role in this phase. A reasoning module has been developed and implemented in ADS-IDAC to simulate operators’ knowledge-based reasoning. This paper describes the cognitive architecture of the reasoning module, including knowledge representation (model of operator’s understanding of the plant systems and functions), a memory representation, information processing flow, reasoning sequence generation, and rules for accident diagnosis. Some theoretical and empirical insights for human error prediction are embedded in this causal model as simulation rules. Human cognitive limitations and heuristics that potentially contribute to human errors are explicitly modeled. Together with the model description, several example simulations are provided to demonstrate different features of the reasoning module. Examples of the simulation show that the reasoning module in ADS-IDAC produces realistic knowledge- based responses by capturing cognitive limitations, deliberative reasoning, and dynamic of accident progression. 1. Introduction The Accident Dynamics Simulator paired with the Information, Decision, and Action in a Crew context cognitive model (ADS-IDAC) is a Dynamic Probabilistic Risk Analysis (DPRA) software platform that probabilistically simulates the response of a nuclear power plant and its control room crew to a postulated accident. Among other features, it aims to identify potential control room operator errors in accident si- tuations, particularly errors of commission. This is the one of three papers describing major additions to mod- eling and simulation capabilities of the ADS-IDAC platform (ADS 3.0). This paper introduces the models and key algorithms of operator knowledge-based reasoning for situation assessment and accident di- agnosis. Another paper provides the modeling techniques of the impact of problem solving tendencies of different crews, and offers examples of simulation runs (Li and Mosleh, 2017). An upcoming paper discusses the modeling of Performance Shaping Factors (PSFs) and operator re- sponse variability, and provides a detailed example of to demonstrate the new features and capabilities and comparison with results of benchmark exercises with real operators. Compared with manually performed human reliability analysis (HRA) approaches (Cooper et al., 1996; Gertman et al., 2005; Kirwan, 1994; Ekanem et al., 2016), a simulation approach like ADS-IDAC offers several advantages. It allows more realistic portrayal of the human- system interactions mainly by providing rich contextual information to the human model and by explicitly modeling the outcomes of the human-system interactions. Simulation approach to HRA enables much higher resolution in terms of human behaviors and their causes. It provides a direct way for leveraging many insights from cognitive sci- ences, experimental psychology, and human factors studies to model and simulate operator response and predict errors, including errors of commission. Simulated scenarios can be also compared with actual events and plant simulator observations to further calibrate the models and also provide explanation for the observed behaviors. Obviously, the predictive quality of a simulation-based HRA de- pends on the degree of realism of the underlying model. Lessons learned from earlier simulation HRA approaches, Cognitive Environment Simulation (CES) (Roth et al., 1992), Cognitive Simulation Model https://doi.org/10.1016/j.ssci.2018.02.031 Received 6 May 2017; Received in revised form 14 February 2018; Accepted 28 February 2018 ⁎ Corresponding author. E-mail addresses: liyd03@gmail.com (Y. Li), mosleh@ucla.edu (A. Mosleh). Safety Science xxx (xxxx) xxx–xxx 0925-7535/ © 2018 Published by Elsevier Ltd. Please cite this article as: Li, Y., Safety Science (2018), https://doi.org/10.1016/j.ssci.2018.02.031