safety systems for pressurized water reactors · safety systems for pressurized water reactors...

Nuclear Engineering Program

Safety Systems for Pressurized Water Reactors

Active Safety Systems AP1000 Passive Core Cooling System

AP1000 Passive Containment Cooling System

Larry Foulke

Director of Nuclear Education Outreach University of Pittsburgh IAEA Workshop 2011

Selected slides courtesy of Westinghouse Electric Co.

Nuclear Engineering Program 2

Learning Objectives Explain the primary objectives of reactor safety. Describe what passive safety means and how it differs from

active safety. Identify natural phenomena that support passive safety. Identify active and passive safety features for current reactors. Describe the background for and the design of the AP1000. Describe passive safety concepts for other advanced reactors Identify passive safety features for AP1000. Describe the passive system verification testing for AP1000. Relate how core damage frequency is used to infer whether a

design is safer.


Primary Objectives of Reactor Safety

The primary objectives of reactor safety systems are: Shutdown the reactor

Maintain it in a shutdown condition

Prevent release of radioactive material

How are these objectives accomplished in today’s reactors?


Active Safety Design Principles Multiple barriers

Defense-in-depth

Protection / safety functions Redundancy

Diversity

Physical separation

Fail-safe principle


Active Safety Design Principles Redundancy

More than minimum number of components

Design to tolerate component failure

Diversity Protects against common-mode failure

Control rods and boric acid injection

Aux feed pumps - both electric and steam driven


Active Safety Design Principles Physical separation

Protects against simultaneous loss

Distance / physical barriers

Combination redundant / diverse / separated Example: emergency electric power supply

Diesel generators

Multiple ties to off-site electrical grid

Storage battery systems


Active Safety Design Principles Fail-safe principle

Components / systems automatically into safest condition w/ failure or power loss

Examples: PWR rods - electromagnetic and gravity; control rods

drop if power supply fails

Protection circuit requiring 2 out of 4: instrument malfunction indicates trip condition


Active Safety Objectives These objectives are accomplished in today’s

reactors using a variety of equipment and concepts such as:

Defense in Depth

Reactor protection system

Emergency core cooling systems

Emergency electrical systems

Multiple barriers

Fail-safe systems

Physical separation

Diversity

Redundancy


Multiple Barriers

1st & 2nd Barriers Pellet & Cladding

4th Barrier Reactor Containment

3rd Barrier Primary-System Boundary

Close-up of steam generator showing the 3rd Barrier


Active Engineered Safety Features


Passive Approach to Safety

Passive safety-related systems Use “passive” processes only, no active pumps,

diesels, … Use the laws of physics to meet safety objectives Gravity Natural circulation Flow from high pressure to low pressure

One time alignment of valves No support systems required after actuation No ac power / cooling water / HVAC / I&C

Greatly reduced dependency on operator actions


Passive Safety Features on Existing Reactors

Examples of passive safety-related systems on existing reactors Pressure relief valves to manage overpressure Doppler broadening of U-238 neutron capture

resonances in nuclear fuel Natural circulation cooling Gravity assisted control rod insertion Design for negative water temperature coefficients of

reactivity


Background for AP600/1000 1980 - Westinghouse started AP600 design

and development AP600 - 600 MWe PWR with 2 loops Focus: passive safety systems and plant

simplification URD - ALWR Utility Requirements Document

via EPRI effort - large experience base from LWR to minimize risks


Power Utility Requirements

Safety Foremost Reliability Maintainability Compatibility with the Environment Economically attractive compared to Fossil-

Fired Units


Power Utility Requirements (Continued) Predictable Construction Costs and

Schedules Assured Licensability Predictable Operating and Maintenance

Costs

Historical US Nuclear Plant Construction Costs Were Out of Control Due to Regulatory Changes and Escalating Costs (Tom Christopher, 4/07)

0

1000

2000

3000

4000

5000

6000

7000

1965 1970 1975 1980 1985 1990

Con

stru

ctio

n C

osts

$/k

We

Dresden Quad Cities

Oconee

McGuire 1 & 2

Catawba

LaSalle 1

Palo Verde 1

Braidwood

Perry

Vogtle

Hope Creek

Wolf Creek

Beaver Valley 2

March 1979 TMI Accident

Diablo Canyon

Financial Markets


U.S. Regulatory Requirements

NRC Rulemaking, 10 CFR 52, permits One-Step Licensing - April 1989

10 CFR 50.46 Requires Experimental Data to Support New Passively Safe Designs

10 CFR 50 Appendix K permits Best-Estimate Analyses to Quantify Safety Margin on a Realistic Basis


AP600 Design Objectives

Greatly simplified plant to meet or exceed NRC safety goals, as well as ALWR Utility Requirements.

Principal features: use experience-based components; plant systems simplification; increased operating margin; reduced operator actions; passive safety features; modularity, reduced footprint.

NRC Design Certification in 1999


3 to 3.5¢/kWh

AP1000 NRC certification in 2005


Conventional PWR, AP600, AP1000

Fewer Components in AP1000


Rod Cluster Control Assembly RCCAs

53 RCCAs Very high thermal neutron absorber silver-

indium-cadmium alloy


Gray Rod Cluster Assembly GRCAs

16 GRCAs Reduced-worth control rods (“gray” rods) - to

achieve load following capability without substantial use of soluble boron - eliminate the need of heavy duty water purification system.


EPR


ABWR (Advanced BWR)

Design Certification - May 1997 1350 MWe evolutionary design Vessel mounted

internal recirc pumps Fine motion control

rod drives Digital I&C 3 full train ECCS

1

3

2

4

5

6

78

9

10

11

12

13

14

15

16

17

18

19

20

21

22

2324

25

26

27

28

29

30

31

32

33

34

1 Reactor Pressure Vessel 18 HPCF Pump2 Reactor Internal Pumps 19 RCIC Steam Turbine and Pump3 Fine Motion Control Rod Drives 20 Diesel Generator4 Main Steam Isolation Valves 21 Standby Gas Treatment Filter and Fans5 Safety / Relief Valves 22 Spent Fuel Storage Pool6 SRV Quenchers 23 Refueling Platform7 Lower Drywell Equipment Platform 24 Shield Blocks8 Horizontal Vents 25 Steam Dryer and Separator9 Suppression Pool Storage Pool10 Lower Drywell Flooder 26 Bridge Crane11 Reinforced Concrete Containment 27 Main Steam Lines

Vessel 28 Feedwater Lines12 Lower Drywell Equipment Hatch 29 Main Control Room13 Wetwell Personnel Lock 30 Turbine-Generator14 Hydraulic Control Units 31 Moisture Separator Reheater15 Control Rod Drive Hydraulic 32 Combustion Turbine-Generator

System Pumps 33 Air Compressor and Dryers16 RHR Heat Exchanger 34 Switchyard17 RHR Pump


EPR (Evolutionary Power Reactor) • 1600 Mwe evolutionary

design

• Four 100% capacity engineered safety feature trains

• Double-walled containment

• Corium spreading area for severe accident mitigation

• Pre-application review beginning

• Design certification application planned


Advanced CANDU Reactor (ACR-700)

• 731 MWe • Light-water coolant • Heavy-water moderator • On-power refueling • First CANDU to have negative

void reactivity coefficient • Modular horizontal fuel

channels • Slightly enriched uranium fuel • Reactor coolant system similar

to PWRs • Pre-application review

underway


ESBWR • “Economic and

Simplified BWR” • 1390 MWe GE reactor

based on Simplified BWR and Advanced BWR

• Natural circulation • Passive safety

systems • Pre-application review

in progress • Design Certification

Application submitted and staff review underway


PBMR (Pebble Bed Modular Reactor)

High Temperature Helium Cooled Reactor

165 MWe range per module 8 modules per common control

room Coated Particle Fuel Spherical Fuel Elements (as per

German reactors) 10 years fuel storage in plant Direct Cycle Gas Turbine (multi-

shaft) Has ‘passive safety with no “safety

systems” fuel integrity maintained under

most severe possible accident remains passively cool by

natural circulation Exelon decided not to continue with

pre-application PBMR Pty. planning pre-

application review


Toshiba 4S Reactor (Super Safe, Small, Simple)

• 10 MWe

• Sodium coolant

• Reactivity control – movable reflectors

• No refueling over 30 year lifetime

• Passive safety

• Pre-application review pending


Westinghouse AP1000 AP1000 is 1117 Mwe Two-Loop PWR

designed to ALWR Utility Requirements NSSS, fuel, & power generation

components same as in current plants Passive safety systems permit

simplification and improve safety Modularization reduces construction to 36

months (1st concrete to fuel load) NRC Design Certification provides

regulatory certainty AP600 12/99

AP1000 1/06

75729A.39


Passive Safety Features - AP1000

Passive safety functions Dedicated safety systems / not used for normal operation Mitigate design basis accidents without non-safety systems Meet NRC safety goals without use of non-safety systems

Passive safety design features Only passive processes; no active pumps, diesels, fans, … Reduced dependency on operator actions

Passive safety equipment design Reliable, experienced based, nuclear grade equipment ASME, Seismic I, full fire / flood / wind protection Availability controlled by Tech Specs with shutdown requirements Reliability controlled by ISI / IST / Maintenance Program


Passive Safety Features – AP1000 Passive Residual Heat Removal

Natural circulation HX connected to RCS Passive Safety Injection

Natural circulation / gravity drain core makeup tanks (at RCS press) N2 pressurized accumulators (700 psig) Gravity drain refueling water storage tank (at containment press) Gravity recirculation of sump water (at containment press) Automatic depressurization valves (from pzr and hot legs)

Passive Containment Cooling Natural circulation of air / evaporation of water on outside surface of steel

containment vessel (1.75-inch thick steel plate heat exchanger) Passive Radiation Removal from Containment Atmosphere

Natural convection / steam condensation removal mechanisms


Passive Safety Features – AP1000

Passive Containment pH Control Baskets of TSP flooded by accident maintain sump pH

Passive Main Control Room (MCR) Habitability Compressed air pressurization of MCR

Passive MCR / I&C Room Cooling Natural convection / conduction to concrete walls /

ceiling Passive Containment Hydrogen Control

Autocatalytic recombiners Nonsafety-related in U.S. / Still safety-related in China


Passive Core Cooling – AP1000 ● PRHR HX

– Natural circ. heat removal (replaces AFWS pumps) ● Passive safety injection

– Core makeup tanks – Full RCS pres, natural circ. inject – Replaces HHSI pumps

– Accumulators – Similar to current plants

– IRWST Injection – Low pres (replaces LHSI pumps)

– Containment recirculation – Gravity recirc. (replaces pumped recirc)

– Automatic RCS depressurization – Staged, controlled depressurization – Stages 1-3 to IRWST, Stage 4 to containment


Passive Core Cooling – AP1000 ● Uses passive safety systems

– Proven by extensive testing and analysis – Extensively reviewed by USNRC – No safety pumps, DGs, chillers

– No ac power required – One time valve alignment

– Most are fail safe ● Provides improved margins

– Transient DNBR margin > 15% – No core uncovery for SBLOCA

– Breaks up and including a DVI line (8”) break

– No operator actions required for SGTR


CMT Operation – AP1000

Standby conditions Filled with borated water, outlet isolated, inlet open to RCS

Line routed up from CL to top CMT and well insulated > water will be hot

Normal CMT conditions are <120oF (49oC) and 2,250 psig (155 bar) Non-LOCA operation

CL remains filled > hot water flows into CMT top Hot CL water and cold CMT water drives natural circulation injection CMT injects for ~45 minutes until CMT water replaced by hot CL water

Initial net injection is ~ 29 lb / sec (13.2 kg / sec) per CMT


CMT Operation (cont.) – AP1000

LOCA Operation Cold Leg drains > steam flows into CMT top Steam from Cold Leg and cold CMT water

drives stronger natural circulation CMT injects for ~25 minutes until CMT

empties Initial injection is ~ 135 lb / sec (61.2 kg / sec) per

CMT


AP1000 ADS Automatic Depressurization System (ADS) Stages 1, 2, 3

Six lines connected to top pressurizer, discharging into IRWST via two spargers Stage 1 lines are 4”, Stages 2 / 3 lines are 8”

Each line has two series closed MOVs, one gate and one globe Gate valve provides low leakage, is sequenced open

first Globe valve controls flow with specified opening time

Stage 1 opens in 25 seconds to minimize air clearing loads on IRWST


AP1000 ADS (cont.)

ADS Stage 4 Four lines are provided (14”), two on each HL

Discharge locally in their respective loop compartments

Squib valves are used to isolate these lines Eliminates possibility of leakage Provide highly reliable actuation; each valve has

three igniters -- two Protection and Safety Monitoring System (PMS), one Diverse Actuation System (DAS)


LOCA Long-Term Cooling


Passive Safety Injection Operation During a LOCA


AP1000 Increases Safety Margins

Typical Plant AP1000 Loss of Flow Margin to ~ 10-14% ~16% DNBR Limit

Feedline Break (oF) >0oF ~140oF Subcooling Margin

SG Tube Rupture Operator actions Operator actionsrequired in 10 min NOT required

Small LOCA 3" LOCA < 8" LOCA core uncovers NO corePCT <1500oF uncovery

Large LOCA PCT (oF) 1700 - 2000oF <1600oF with uncertainty (1) (1)

ATWS, Pres (psig) 3200 psig 2800 psig (% core life) 90% 100%

Note (1) Based on ASTRUM analysis. AP1000 was licensed with a "bounding" BE Large LOCA analysis.


PCS Equipment Layout – AP1000


Passive Containment Cooling Operation During a LOCA


Passive Containment Cooling Operation During a LOCA (Video)


Containment Integrity – AP1000

Number of penetrations greatly reduced 50% fewer for same size plant Main reason is use of passive systems, canned motor RCPs

Normally open lines use fail closed valves Addressed troublesome isolation valves

Use center guided check valves Use double seal butterfly valves Significantly smaller containment purge valves, 16” vs. 36-

42”


Passive Containment Cooling ● Effectively reduces containment

pressure – Peak pres (57.8 psia) reduced to

24 psia in <5 hours – Pressure reduced to < 22 psia in 1

day ● Enhances passive radioactivity

removal processes – PCS operation induces strong

natural circulation of steam, air, and radioisotopes

– Radioisotopes get trapped in condensate on containment wall and drain to basement

safety systems for pressurized water reactors · safety systems for pressurized water reactors...

Documents