Nuclear Engineering Program

A Look at Nuclear Science and Technology

Reactor Safety

L. R. Foulke
Module 7.1 Defense in Depth

Primary Objectives of Reactor Safety

The primary objectives of reactor safety are: Shutdown the reactor Maintain it in a shutdown condition Cool the core Contain the radioactive material How are these objectives accomplished in todays reactors?

Nuclear Engineering Program

Radioactive materials in a 3300-MW(t) light water reactor core grouped by relative volatility
Volatility Noble Gases Very Volatile Moderately Volatile Elements Krypton (Kr) Xenon (Xe) Iodine (I) Cesium (Cs) Tellurium (Te) Strontium (Sr) Barium (Ba) Ruthenium (Ru) Lanthanum (La) Cerium (Ce) Inventory (Ci) 1.7E+8 2.2E+8 7.5E+8 2.3E+7 1.8E+8 3.5E+8 3.4E+8 2.4E+8 4.7E+8 3.9E+8
Table Source: See Note 1

Less Volatile

Energy Sources
Energy Sources During an Accident
Stored Energy Nuclear Transients Decay Heat Chemical Reactions External Events

Nuclear Engineering Program

Energy Sources
Stored Energy in Water-Cooled Reactors
Pressure Suddenly Below Saturation Flashes to Steam Vapor

Nuclear Transients
Reactivity Insertion Power Level Increase Power Pulse

Nuclear Engineering Program

 Decay Heat

Energy Sources
Fission-Product Decay
~7.5% of Full Power at Shutdown Dies Out Slowly (-1/5 Power) Potentially Large Energy Source
Melting / Destruction of Fuel w/o Cooling Severe Flow Blockage Loss of Coolant Absence of Heat Sink

P(t)

t0 t t

Nuclear Engineering Program

Energy Sources
Chemical Reactions
Water Reactors
Zirconium / Cladding Stainless Steel / Structures Oxidation Before Melting
Integrity Fragmentation

Reaction Rate Increases With Temperature Energy Release ~ Amount of Metal Involved Reaction releases hydrogen gas
Nuclear Engineering Program

Energy Sources
External Energy Sources Natural Events
Flood Hurricane Tornado Earthquake Tsunami

Man-Made Events
Aircraft Impact Industrial Explosion

Variable / Tied to Site Selection

Nuclear Engineering Program

Engineered Safety Features

Nuclear Engineering Program

Image Source: See Note 2

Reactor Safety Fundamentals

What is the biggest risk to the public that is unique to nuclear power reactors? Release of radioactive materials. Operating reactors contain an enormous inventory of radioactive products (fuel, fission products, activation products) Release is prevented by Multiple-Barrier Design
Pellet Cladding Reactor Primary Coolant System Containment / Safety Systems
Nuclear Engineering Program

Multiple Barriers

1st & 2nd Barriers Pellet & Cladding

Nuclear Engineering Program

3rd Barrier Primary-System Boundary

4th Barrier Reactor Containment

Image Source: See Note 3

What is Defense in Depth?

Not defined in legislation or regulations Multiple barriers to release of radionuclides
ceramic fuel metallic cladding pressure boundary of reactor coolant system containment exclusion area, low population zone, offsite emergency response plan
Nuclear Engineering Program

 All commercial reactors are designed with a three-tiered defense-in-depth strategy for protecting the reactor, workers, and the public Prevention
Design maintenance and operation procedures to reduce the chances of an incident occurring. Redundant systems to protect against some mechanical failures.

Defense-in-Depth

Protection
Design features and procedures to halt / deal with incidents before they become worse (cause damage).

Mitigation
Limit the consequences of accidents that occur.
Nuclear Engineering Program

Incident Prevention
Prevention - Avoid operational occurrences (or accidents) that can cause
System damage Loss of fuel performance Abnormal release of radioactive materials High reliability components Inherently stable operating characteristics Safety margins Testing and inspections Instrumentation and automatic control Training Quality assurance

Prevention Elements

Nuclear Engineering Program

Incident Protection
Protection
Recognize / accept inevitable failures and errors Halt unlikely incidents and/or transients
Provide automatic and manual systems to quickly shutdown (trip/scram) the reactor

Postulate and analyze every reasonably conceivable failure; prepare protective actions for each incident/accident.
Fast-acting shutdown (trip/scram) Pressure relief (prevent ruptures) Interlocks Automatic monitoring / safety-system initiation

Nuclear Engineering Program

Incident Mitigation
Mitigation
Limit Consequences of Accidents Evaluate Low Probability Severe CoreDamaging Accident Establish Engineering Safety Systems Performance Criteria Measures
Emergency Feed / Core-Cooling / Electric Power Containment Emergency Planning
Nuclear Engineering Program

Other Safety Factors

Other nuclear safety factors
Strong Technical / Scientific Emphasis Free / Open International Exchange
Knowledge / Experience Feedback to the Design Process

Voluntary Peer Oversight / Regulatory Controls

Independent Verification Independent verification does NOT Replace Responsible Design/Operation
Nuclear Engineering Program

Why Defense in Depth?

A way to compensate for uncertainty
In 1950-1960 time frame there was little experience with nuclear power plant operation Idea was to postulate a variety of design-basis accidents and show deterministically that they would not result in core damage No defensible estimates of the relative likelihoods of potential accidents existed Focus was on design-basis large-break loss of coolant accidents (LOCAs)

Nuclear Engineering Program

What is wrong with Defense in Depth? Its expensive It creates complexity It is unbounded It may or may not work
Nuclear Engineering Program

Reactor Safety Analyses

Part of the licensing procedure for every commercial reactor design is to prove that the reactor can operate safely in normal operating conditions as well as selected accident conditions The safety analysis shows the NRC
The plant is designed to remove heat from the core under all conditions The plant can handle transients The plant/core can survive design-basis severe accidents The engineered safety systems designed to cope with off-normal conditions.
Nuclear Engineering Program

NRC Safety Goals

(http://www.nrc.gov/reading-rm/doccollections/commission/policy/51fr30028.pdf)

Issued in 1986, the goals expressed "the Commission's views on the level of risks to public health and safety that the industry should strive for in its nuclear power plants. Two qualitative goals were established: Individual members of the public should be provided a level of protection from the consequences of nuclear power plant operation such that individuals bear no significant additional risk to life and health.
Nuclear Engineering Program

 Societal risks to life and health from nuclear power plant operation should be comparable to or less than the risks of generating electricity by viable competing technologies and should not be a significant addition to other societal risks. To quantify these goals, two quantitative health objectives (QHOs) were also established: The risk to an average individual in the vicinity of a nuclear power plant of prompt fatalities that might result from reactor accidents should not exceed one-tenth of one percent (0.1 percent) of the sum of prompt fatality risks resulting from other accidents to which members of the U.S. population are generally exposed.
Nuclear Engineering Program

 The risk to the population in the area near a nuclear power plant of cancer fatalities that might result from nuclear power plant operation should not exceed one-tenth of one percent (0.1 percent) of the sum of cancer fatality risks resulting from all other causes.

Nuclear Engineering Program

Image Source Notes

1. Haskin, F. E. & Camp, A. L. (1994). Perspectives on Reactor Safety. Table 5.1-14. NUREG/CR-6042. Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission. http://pbadupws.nrc.gov/docs/ML0727/ML072740 014.pdf 2. Reprinted with permission from Nuclear Energy Institute. http://www.nei.org/corporatesite/media/filefolder/c ontainment_wall_construction.jpg 3. Reprinted with permission from the USNRC. http://www.nrc.gov/aboutnrc/regulatory/research/soar/soarca-accidentprogression.html