Design Basis Events FOR Pressurised Heavy Water Reactor: Aerb Safety Guide No - Aerb/Sg/D-5
Design Basis Events FOR Pressurised Heavy Water Reactor: Aerb Safety Guide No - Aerb/Sg/D-5
Design Basis Events FOR Pressurised Heavy Water Reactor: Aerb Safety Guide No - Aerb/Sg/D-5
AERB/SG/D-5
Administrative Officer
Atomic Energy Regulatory Board
Niyamak Bhavan
Anushaktinagar
Mumbai - 400 094.
FOREWORD
Assuring high safety standards has been of prime importance since the inception
of the nuclear power programme in the country. Recognising this aspect, the
Government of India constituted the Atomic Energy Regulatory Board (AERB)
in November 1983, vide Statutory Order No. 4772 notified in the Gazette of India
dated 31.12.1983. The Board has been entrusted with the responsibility of laying
down safety standards and framing rules and regulations in respect of regulatory
and safety functions envisaged under the Atomic Energy Act of 1962. Under its
programme of developing safety codes and guides, AERB has issued four codes
of practice in the area of nuclear safety covering the following topics:
Safety guides are issued to describe and make available methods of implementing
specific parts of the relevant codes of practice as acceptable to AERB. Methods
and solutions other than those set out in the guides may be acceptable if they
provide at least comparable assurance that Nuclear Power Plants (NPPs) can be
operated without undue risk to the health and safety of plant personnel, the
general public and the environment.
Codes and safety guides may be revised as and when necessary in the light of
experience as well as relevant developments in the field. The annexures, foot-
notes, references and bibliography are not to be considered integral parts of the
document. These are included to provide information that might be helpful to
the user.
The emphasis in the codes and guides is on protection of site personnel and the
public from undue radiological hazards. However, for other aspects not covered
i
in the codes and guides, applicable and acceptable national and international codes
and standards shall be followed. In particular, industrial safety shall be assured
through good engineering practices and through compliance with the Factories Act
1948 as amended in 1987 and the Atomic Energy (Factories) Rules, 1996.
This Safety Guide is one of a series of guides which have been prepared or are
under preparation as a follow-up to the Code of Practice on Design for Safety
in Pressurised Heavy Water Based Nuclear Power Plants (AERB/SC/D). The
Guide is based on the current designs of the 220 MWe and 550 MWe Pressurised
Heavy Water Reactors. It lists various Postulated Initiating Events and operational
transients during normal operation and analyses the behaviour of the NPP during
these events with the aim of verifying that acceptable design limits are not
exceeded.
This Safety Guide has been prepared by the staff of AERB, BARC, IGCAR and
NPC. It has been reviewed by experts and vetted by the AERB Advisory
Committees before issue. AERB wishes to thank all individuals and organisations
who have prepared and reviewed the draft and helped in the finalisation of the
Safety Guide. The list of persons who have participated in the committee
meetings, along with their affiliation, is included for information.
(Suhas P. Sukhatme)
Chairman,
AERB
ii
DEFINITIONS
Acceptable Limits
All operational processes deviating from normal operation which may occur
during the operating life of the plant and which in view of appropriate design
provisions, neither cause any significant damage to Items Important to Safety nor
lead to Accident Conditions.
Events of very low probability occurrence, which can lead to severe accident and
not considered as Design Basis Events.
Design
The process and the result of developing the concept, detailed plans, supporting
calculations, drawings and specifications for a facility.
The set of events that serve as part of the basis for the establishment of design
requirements for systems, structures and components within a facility. Design
basis events (DBEs) include normal operations, operational transients and certain
accident conditions under postulated initiating events (PIE) considered in the
design of the facility.
Design Limits
Limits on the design parameters within which the design of the structures,
systems, components and software of a nuclear facility has been shown to be
safe.
1 Examples of anticipated operational occurrences are loss of normal electric power and
faults such as turbine trip, malfunction of individual items of normally running plant, failure of
individual items of control equipment to function, loss of power to main coolant pump, etc.
iii
Event
Normal Operation
Prescribed Limits
Reliability
2 The primary causes of PIE may be credible equipment failures and operator errors both
within and external to the (NPP) man-induced or natural events. The specification of the postulated
initiating events has to be acceptable to the Regulatory Body.
iv
Risk
Safety
Safety Functions
A specific purpose, that must be accomplished for safety. The list of safety
functions is given in AERB Safety Guide on Safety Classification and Seismic
Categorisation (AERB/SG/D-1).
Safety Limits
Limits upon process variables within which the operation of the Nuclear Power
Plant has been shown to be safe.
v
Severe Accidents
Nuclear Power Plant conditions beyond those of the Design Basis Accidents
causing significant core degradation.
Single Failure
vi
CONTENTS
FOREWORD .............................................................................................. i
1. INTRODUCTION .......................................................................... 1
TABLES
BIBLIOGRAPHY .................................................................................. 20
1.1 General
1.1.2 There are no firm criteria for identification and categorisation of DBE;
rather the process is a combination of iteration between design and
analysis, engineering judgement and experience of previous NPP design
and operation.
1.2 Objectives
1.2.1 The behaviour of an NPP following a PIE is analysed to assess the safety
of the NPP. This document prescribes various PIEs. Such an analysis
aims at verifying that the various design limits are not exceeded and that
risk to public health caused by radioactive release is properly assessed.
This Safety Guide also includes a list of operational transients during
normal operation, which are considered for design of components and
systems.
1.3 Scope
1.3.1.1 DBE and their consequences depend on the design details of NPP.
This Safety Guide is based on the current designs of 220 MWe and 500
MWe Pressurised Heavy Water Reactors (PHWR). If there are any
changes in design details of NPP in future or if the operating experience
so demands, it may be necessary to revise the list of DBEs.
1
1.3.1.2 The Annexure gives a list of events for which detailed safety analysis need
not be carried out because of the specific design features of NPP.
Qualitative reasons for not considering such analysis are also included in
the Annexure.
Detailed safety analysis may not also be required for some of the PIEs.
However, the designer should justify why such events need not be
considered for specific NPP for safety analysis. Justification could be
based on the following: probabilistic consideration; degree of defence-
in-depth; site specific reasons; specific features of design/operation of
NPP; or practice followed in other countries.
1.3.1.5 Missiles resulting from aircraft are not considered as initiating events
as siting considerations exclude selection of such a site. [ Ref. AERB
Safety Code AERB/SC/S, Rev. 0, 1990: Code of Practice on Safety in
Nuclear Power Plant Siting].
2
2. CLASSIFICATION OF DESIGN BASIS
EVENTS(DBE)
2.1 General
2.1.1 Design Basis Events (DBE), which form the basis of design of NPP,
include normal operations, operational transients and Postulated
Initiating Events (PIE).
2.1.2 DBE can be classified on the basis of their consequence and expected
frequency of occurrence. Consequences of a rare event can be permitted
to be severe while those of a frequent event can be accepted only at very
low severity. Acceptance criteria for consequences of a DBE, thus, also
depend on frequency of their occurrence. PIE can also be classified into
symptomatic groups depending upon the similarity of their
consequences. Only limiting cases in each group need to be analysed
in detail whereas other cases can be dealt with qualitatively. A
sufficiently broad spectrum of DBE which ensures that all relevant types
of events are considered should form the basis of design analysis. Events
of very low probability of occurrence which are considered only for off-
site emergency plan or site selection issues, are called as Beyond Design
Basis Events (BDBE).
3
(vi) Decrease in PHT system flow rate.
(vii) Radioactive release from a sub-system or a component
(viii) Malfunction of support/auxiliary systems.
(ix) Others.
Events not falling in any of the above categories are called BDBE.
Acceptable radiological dose limit for plant personnel and public for the
events under each category is specified in the AERB Safety Guide on
Radiation Protection in Design of PHWR (AERB/SG/D-12). Limits on
fuel clad and coolant are given in the Design Safety Guide on Fuel Design
(AERB/SG/D-6).
____________________________________
3 The frequencies of occurrence given in this guide are only for illustrative purposes.
4
of events under this category is expected to be greater than or equal to
1 per reactor-year3. Table-1 gives a list of transients expected. This list
serves as a typical example and may be supplemented with additional
transients. The behaviour of the plant and its systems/equipment/
instrumentation should be analysed to prove that design limits are not
exceeded. Adequate margins should be provided to meet requirements
of applicable design codes.
2.3.2.2 The number of DBE during the lifetime of the reactor should be
conservatively estimated for use in design of the NPP. The frequency of
events may be estimated based on the operating experiences of NPP.
2.3.4.1 Events of low frequency which are rare events and likely to occur
~10−2 to 10−4 per reactor-year3 are included in this category. Table-3
lists events of low frequency along with their functional classification.
2.3.5.1 Rare events in this category generally cover multiple failures considered
important for design and which are likely to occur ~10−4 to 10−6 per
reactor-year3. Table-4 gives a list of multiple failures and rare events
considered important for design. For the combination, it is assumed that
two independent initiating events, which do not result from a single cause
cannot occur simultaneously. Multiple failures considered are based on
an initiating event simultaneous with non-availability of a safety system.
2.3.6.1 Events of very low probability of occurrence (less than 10−6 per reactor-
year3), which are considered only for off-site emergency plan or site
selection issues, are called as Beyond Design Basis Events. Table-5 lists
some of the BDBE.
5
3. EVENT EVALUATION
3.1 General
3.1.1 All DBE should be analysed in depth for their effect on safety.
3.2.1 A sequence of events starting from the initiating event to the final
stabilized safe condition should be given on a time scale ( like reactor
trip, PHT system pressure reaching safety relief valve set point, safety
relief valve operation, emergency core cooling system (ECCS) actuation,
containment isolation signal initiation, containment isolation etc.) All
required operator actions should be identified. Operator action should
be qualified with availability of unambiguous signal and time available
for operator action. [Ref. section 0341 of AERB Code of Practice on
Design for Safety in PHWR Based NPP (AERB/SC/D, 1989) for
guidance on credit for operator actions).
6
be defined by the designer based on applicable codes, standards and
practices. Methodologies/computer codes used for each evaluation should
be suitably validated.
____________________________________
4 Agreed methodology for these analysis should be arrived at by the Utility and the
Regulatory Body.
7
TABLE-1: CATEGORY-1 EVENTS
Note:- Ck-m type numbering convention has been followed for numbering of events. First number
“Ck” refers to category, second number “m” refers to the serial number of the event. This note applies
to Table-1 only.
8
TABLE-2: CATEGORY-2 EVENTS
9
TABLE-2: Contd.
10
TABLE-2: Contd.
11
TABLE-2: Contd.
Note:- Ck-m.n type numbering convention has been followed for numbering of events. First number
“Ck” refers to category, second number “m” refers to functional classification and the third number
“n” is the serial number for a particular functional group. Serial numbers are given sequentially in all
categories of events. This note is applicable to Tables-2,3 and 4.
12
TABLE-3: CATEGORY-3 EVENTS
13
TABLE-3: Contd...
Note:- Ck-m.n type numbering convention has been followed for numbering of events. First number
“Ck” refers to category, second number “m” refers to functional classification and the third number
“n” is the serial number for a particular functional group. Serial numbers are given sequentially in all
categories of events. This note is applicable to Tables-2,3 and 4.
14
TABLE-4: CATEGORY-4 EVENTS
15
TABLE-4: Contd...
Note:- Ck-m.n type numbering convention has been followed for numbering of events. First number
“Ck” refers to category, second number “m” refers to functional classification and the third number
“n” is the serial number for a particular functional group. Serial numbers are given sequentially in all
categories of events. This note is applicable to Tables-2,3 and 4.
16
TABLE-5: BEYOND DESIGN BASIS EVENTS5
(c) one door of main airlock stuck open and seals on second
door deflated.
_____________________________________
5 An agreed methodology for analysis of these events should be arrived at by the Utility
and the Regulatory Body.
17
ANNEXURE
A-2 Failure resulting from drop of loads on control rod drive mechanisms:
It is assumed that during operation of NPP the load handling over the
reactor control mechanism should be permitted only after ensuring the
reactor in guaranteed shutdown state with all the reactor shutdown
devices in actuated condition.
18
A-6 Sudden and full flow blockage in reactor coolant channel:
Sudden and full flow blockage in any reactor coolant channel assembly
is not considered credible. Possible blockages objects (viz. nuts, bolts
etc.) fitting exactly with the geometry of the flow passage are unlikely.
Margin in designing bolts for flange joints of pump and its casing is
normally high as compared to other pressure retaining components.
Failure of all the bolts simultaneously in cascaded manner is very
unlikely. Thus, failure of mechanical joints in pump assembly is quite
unlikely.
19
BIBLIOGRAPHY
20
12. AERB, Fire Protection, AERB Safety Guide No. AERB/SG/D-4 (1999).
14. AERB, Code of Practice on Safety in Nuclear Power Plant Siting, AERB
Safety Code No.AERB/SC/S, Rev. 0 (1990)
21
LIST OF PARTICIPANTS
WORKING GROUP
22
ADVISORY COMMITTEE FOR CODES, GUIDES AND
ASSOCIATED MANUALS FOR SAFETY IN DESIGN OF
NUCLEAR POWER PLANTS (ACCGD)
23
ADVISORY COMMITTEE FOR NUCLEAR SAFETY (ACNS)
24
PROVISIONAL LIST OF SAFETY CODES, GUIDES & MANUALS ON
DESIGN OF PRESSURISED HEAVY WATER REACTOR
25
NOTES
26