iaea technical meeting
TRANSCRIPT
IAEA International Atomic Energy Agency
IAEA Technical Meeting (22-25 June 2015)
Bernard POULAT
Senior Safety Officer
Department of Nuclear Safety and Security
Division of Nuclear Installation Safety
Safety challenges for new Nuclear Power plants
IAEA
To be implemented
by the designer to
provide NPP with
an up to date level
of safety
To be used by the
reviewer of the
design (e.g. Safety
Authority) to assess
the safety of the
design
SSR-2/1 (revision of NS-R-1) has been published on 20 Feb 2012
2
IAEA Safety Standards
A few requirements have been recently added or enhanced (SSR-2/1
rev 1 approved in March 2015)
IAEA
Safety Standards are effective for nuclear
safety if they are properly applied in practice
Safety Standards
3
IAEA
New Objective: Off site contamination should
be avoided in the event of an accident
Up to date requirements
…..Some requirements for the design of NPPs have been enhanced or
added, some were already incorporated in SSR2/1
4
IAEA
Radiation protection requirements have been enhanced:
• High radiation doses or large radioactive releases shall be
practically eliminated, (SSR-2/1 Requirement 5, item 4.3),
• Design basis accidents have no, or only minor, radiological impacts,
on or off the site, and do not necessitate any off-site intervention
measures (SSR-2/1 Requirement 19, item 5.25),
• For Design extension conditions, only protective measures that are
of limited scope in terms of area and time shall be necessary for
protection of the public, and sufficient time shall be made available
to implement these measures (SSR-2/1 Requirement 20, item 5.31).
Consequently …
5
Up to date requirements
IAEA
1- Strengthening the prevention of unacceptable radiological
consequences for the public and environment
2- Strengthening severe accident mitigation measures so that, if an
accident occurs, off site contamination is avoided or minimized
3- Preventing severe accident through strengthening the general
plant design basis.
Practically some requirements have been
added or enhanced…
Added or enhanced requirements aim at:
Up to date requirements
6
IAEA
Strategy to ensure that the likelihood of an accident having harmful
consequences is extremely low shall be reinforced,
Additional postulated accident conditions shall be incorporated in the general
plant design for the purpose to enhance the plant capability to prevent initiating
events from escalating to a core melt accident, or to withstand conditions
generated by a core melt accident,
A set of specific measures shall be implemented to justify that possibilities for
an early or large release are eliminated,
Capabilities of the on site power sources shall be increased, and shall include
an emergency power supply designed to supply necessary power in AOOs and
DBA in the event of a LOOP, and an alternate power source to supply
necessary power in DECs,
The capability to transfer heat to an ultimate heat sink shall be ensured for all
plant states,
7
Up to date requirements
IAEA
The design shall provide appropriate margins so that cliff edge effects are
avoided, and early or large release are prevented in the event of levels of
natural hazards exceeding those considered for design,
For multiple unit plant sites, the design shall take due account of the potential
for specific hazards to give rise to impacts on several or even all several units
on the site simultaneously,
For NPPs with multiple units, each unit shall have its own safety systems and
its own safety features for design extension conditions,
For reactors using a water pool system for fuel storage, the design shall prevent
the uncover of the fuel assemblies so as to practically eliminate the possibility
of early or large radioactive releases and to avoid high radiation fields on the
site,
The design shall provide adequate features to facilitate the use of non
permanent equipment.
8
Up to date requirements
IAEA
Plant Sates to be considered in the plant design
NO
(AOO) AO DBAs
(safety systems)
Operational States Accidents conditions
General plant Design Beyond Design
Severe Accidents
DECs
Without significant fuel damage
A set of Core melt accident conditions
NO AO DBAs
(safety systems)
Operational States Accident Conditions
General plant Design Beyond
design
Conditions practically
eliminated
Sequences of a very low frequency
SSR-2/1, 2012
Earlier Concept
9
IAEA
Design Extension Conditions without core
melt to be considered for design are Reactor
technology and Design dependent.
Plant states DECs without core melt
Practically, most of them depend on the reliability
of the safety systems.
10
IAEA
Plant states DECs without core melt
Safety features for DECs are additional necessary mitigation means to
mitigate the consequences of postulated multiple failures
(deterministic approach) or to meet the CDF (probabilistic approach).
11
• Initiating events that could lead to
situations beyond the capability of
safety systems that are designed for a
single initiating event.
• Combination of a PIE with multiple
failures that prevent the safety systems
from performing their intended function
to control the PIE.
• Multiple failures causing the loss of a
safety function in normal operation.
Examples of Prescriptive DECs:
• Anticipated Transient Without Scram
• Station Black Out
• Loss of normal access to the ultimate
heat sink
• Steam generator tube ruptures & Steam
line break
Examples of DECs identified by PSA
• Loss of the heat transfer chain
• LOCA and failure of the ECCS (high
pressure head or low pressure head
injection)
IAEA
Principle 8: Prevention of accidents
All practical efforts must be made to prevent
and mitigate nuclear or radiation accidents.
A defence in depth strategy has been recognized
as a fundamental principle to keep the likelihood
of an accident having harmful consequences
extremely low.
• Combination of a number of consecutive and
independent levels of protection that would have to fail
before harmful effects could be caused to people or to
the environment.
• The independent effectiveness of the different levels of
defence is a necessary element of defence in depth. 12
Defence in depth
IAEA
On site power supply (SSR2/1 rev 1, Req 68)
13
Emergency power source (EDGs)
• To maintain the plant in hot shutdown
conditions in the event of a LOOP
• To operate the plant to cold shutdown
conditions in the event of a LOOP
• To mitigate the consequences of DBAs
+ LOOP
Alternate power source
• To preserve the integrity of the RCS and to
prevent significant fuel damage during SBO
conditions
• To supply the necessary power in DECs, in
particular to equipment necessary to mitigate
the consequences of a core melt accident
• The alternate power source shall be
independent and physically separated from
the emergency power source. Time for its use
is less than the depletion time of the batteries
Continuity of power for the monitoring of the key plant parameters and for the completion of
short term actions necessary for safety shall be maintained in the event of a loss of the AC
(Alternating Current) power sources.
The design shall include features to enable the safe use of non-permanent equipment to restore
the necessary electrical power supply.
IAEA
Spent Fuel Pool (SSR2/1 rev 1, Req 80)
14
Design shall be such as to prevent the uncovering of fuel assemblies in all plant states
that are of relevance for the spent fuel pool, so that the possibility of conditions arising
that could lead to an early radioactive release or a large radioactive release is
practically eliminated and so as to avoid high radiation fields on the site.
The design of the plant
• shall provide the necessary fuel cooling capabilities
• shall provide features to prevent the uncovering of fuel assemblies in
the event of a leak or a pipe break
• shall provide a capability to restore the water inventory.
The design of the plant shall also include features to enable the safe use
of non-permanent equipment to ensure sufficient water inventory for the
long term cooling of spent fuel and for providing shielding against
radiation
IAEA
Heat transfer to the ultimate heat sink
15
The capability to transfer heat to
an ultimate heat sink
shall be ensured for all plant
states.
This capability shall be maintained
for levels of natural hazards
exceeding those to be considered
for design, taking into account the
site hazard evaluation.
May require the use of a
different ultimate heat sink
or different access to the
ultimate heat sink unlikely to
fail for the same root cause
SSR2/1 rev 1, Req 53
IAEA
“Be prepared to the unexpected…”
• Accident management should anticipate
accidents and complex sequences beyond
those considered in the reference design of
the plant (INSAG 3),
• Scenarii should be postulated and the plant
response analysed to assess the grace
period time before unacceptable
consequences, and to identify necessary
complementary means,
• Periodic drills should be performed.
• Non permanent equipment should not be
needed to mitigate the postulated accident
conditions.
Defence in depth and accident management
16