Know Nuclear

Reactor Safety

Safety of a reactor is of prime concern to its owner, for several reasons: to ensure the safety of the public, the reactor operators, and of the investment itself. Therefore, the design of a reactor is developed according to industry standards.

These industry standards are developed by expert committees under the aegis of professional not-for-profit organizations such as the American Society of Mechanical Engineers. They incorporate the best design, construction and operational standards, which have been developed over many decades of experience. For example, the standards for reactor pressure-vessel design arose out of standards for the construction of boilers for Mississippi River boats that had previously been failing. The standards have since been modified and added to for the fabrication of very thick stainless steel pressure vessels far advanced from those on the paddle-wheel steamers.

The building of a reactor takes many steps: choice of a suitable site; design of the power plant to fit that site; fabrication of the components and construction of the plant; low power commissioning; and, finally, full power operation. At each stage, the designer assures himself of the safety of operation.

In addition, the licensing authority, the Nuclear Regulatory Commission (NRC), oversees the process and issues permits and licenses at significant points to allow work to proceed. The NRC has previously reviewed the industry standards and issued them (sometimes with modifications) as NRC standards incorporated into law — thereby ensuring that the best of industrial practices are incorporated into all new plants.

Design

When a plant is designed, it does not start from scratch; it can already incorporate all that is good in industrial practice using industry standards.

Industry standards cover every aspect of plant design from its layout to the safety of individual components. For example, the construction of a 9″ thick stainless steel vessel has its fabrication standards, while the wiring of monitoring and control circuits has its own standards. Each set of standards has been developed and approved by experts in that particular part of the technology.

Most of them also incorporate certain safety principles, which are specified in general design criteria approved, again, by a consensus of experts.

Using these safety principles and the design standards for the details of design, fabrication and eventual construction, the design team has to design a plant for safe operation.


Design Standards

A reactor is designed for a particular site according to industry standards for safe design and construction of all its components and systems as well as its operation. These industry standards incorporate the best design, construction and operational standards, which have been developed over many decades of experience. For example, the standards for reactor pressure-vessel design arose out of standards for the construction of boilers for Mississippi River boats that had previously been failing. The standards have since been modified and added to for the fabrication of very thick stainless steel pressure vessels far advanced from those on the paddle-wheel steamers. These standards are developed by expert committees under the aegis of professional not-for-profit societies such as the American Society of Mechanical Engineers.

Many of the standards are very specialized, covering perhaps the details of dye-penetrant testing of pipes and vessels to search for any surface flaws during fabrication. Others will deal with the separation of control systems from safety systems amongst the wiring, and still others will deal with seismic response analysis of plant components. Most of them will incorporate certain safety principles, which are specified in the general design criteria approved again by a consensus of experts.


Safety Principles

There are six principles of safety that are the same for all machinery, from modern cars to windmills to dams to nuclear plants. The goal in creating new machinery is to comply with as many of these principles as possible, depending on what the regulation for that particular machinery requires. In the nuclear industry, regulation requires compliance with all six of them.

These safety principles are:

Multiple Barriers

Typically, if one knows that one might get hurt by machinery, the primary safety requirement is to keep the user clear of any danger by providing at least one, and preferably multiple, barriers. Cars offer multiple barriers in a similar fashion: collapsible front and rear ends, airbags, and seatbelts protect people from harm in case of a crash. Nuclear power plants also offer multiple barriers: the canned fuel, the pressure vessel and the containment protect the public from the release of radioactive materials.

Redundancy

It is a good principle that if something must work, then more than one of them is included, just like four-wheel brakes on a car. In a nuclear power plant, there are four different ways of obtaining a shutdown when needed: shutdown by heat feedback; dual active-shutdown systems; operator shutdown; or triple electronic systems.

Diversity

To be sure that one safety system works, it is preferable that the second be of a different design and even be made of different materials, just like foot brakes and hand brakes in a car. This ensures that if the first system fails, the second system won’t fail for the identical reason. In a nuclear power plant, diversity is obtained through different designs of control rods and shutdown rods, and through different designs of electronic systems.

Protection from human error

While humans can act rapidly and responsibly, they can also make mistakes, so incorporating automatic actions for times when the human makes a mistake is good safety practice. For example, some cars offer automatic fuel-line cut-off on impact. In nuclear power plants, an automatic reactor shutdown offers that protection.

Monitoring

One needs to know how the machinery is working and whether there are signs that it might fail, like low oil pressure in your car or, in modern cars, low pressure in your tires. Nuclear power plants are monitored extensively throughout the entire heat production process.

Passive rather than active safety systems

Where possible, it is good practice to make use of the laws of nature to correct situations. In nuclear power plants, gravity is used to drop a barrier or a control rod more reliably than an active mechanism could do the same thing.


Designing a Reactor for Safe Operation

A reactor designer first makes sure that the fission process can be shut down in a variety of ways. The primary defense is ensuring that the core is designed so that high temperatures automatically change the core characteristics: fissioning is reduced and the temperatures go back down. This is called inherent safety. Secondly, multiple automatic electronic systems monitoring the core for abnormal temperatures will insert control rods to stop the fission and, if necessary, automatic fast shutdown rods are also available to act as brakes. Finally, there is always the operator who watches control room monitors. He can also instantly insert the shutdown rods from a single button.
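The layered shutdown chain described above (inherent temperature feedback, redundant and diverse automatic trip channels, gravity-dropped shutdown rods, and an operator button), together with the six safety principles listed earlier, as an added toy model. This is illustration code written for this page; it is not from Know Nuclear, the NRC or any plant vendor, and every number in it (the feedback coefficient, heating and cooling constants, setpoints, rod worth) and the 2-of-3 temperature vote are constructed assumptions with no physical calibration. Its point is structural: one failed sensor does not block the trip, a trip on power still works if the temperature channels are wrong, and losing electrical power to the rod latch drops the rods rather than holding them out.

```python
"""Toy defense-in-depth shutdown model (constructed illustration, not plant data).

Principle -> where it appears below:
  inherent safety   : Core.step, negative temperature feedback on reactivity
  redundancy        : three temperature sensors, 2-of-3 vote (assumed scheme)
  diversity         : a separate trip on a different quantity (power)
  human error       : automatic trip runs every step; operator button is extra
  monitoring        : ProtectionSystem.log records what tripped and when
  passive safety    : rods are held up by an energized latch; losing either the
                      trip permissive or electrical power lets gravity drop them
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed toy constants (arbitrary units, chosen for a well-damped model).
T0 = 300.0              # nominal temperature
ALPHA = 0.0004          # reactivity lost per degree above T0 (negative feedback)
HEATING = 2.0           # temperature rise per unit power per step
COOLING = 0.2           # fraction of excess temperature removed per step
GAIN = 2.0              # power change per unit net reactivity per step
ROD_WORTH = -0.05       # reactivity of the dropped shutdown rods
TEMP_SETPOINT = 340.0   # automatic trip on temperature (assumed)
POWER_SETPOINT = 4.0    # diverse automatic trip on power (assumed)


@dataclass
class Core:
    power: float = 1.0
    temp: float = T0
    rods_in: bool = False

    def step(self, rho_ext: float) -> None:
        """One step of a toy core: hotter core -> less reactivity -> power falls."""
        rho = rho_ext - ALPHA * (self.temp - T0) + (ROD_WORTH if self.rods_in else 0.0)
        self.power = max(0.0, self.power * (1.0 + GAIN * rho))
        self.temp += HEATING * self.power - COOLING * (self.temp - T0)


@dataclass
class Sensor:
    """Temperature sensor; stuck_at models a failed channel frozen at one reading."""
    stuck_at: Optional[float] = None

    def read(self, true_temp: float) -> float:
        return self.stuck_at if self.stuck_at is not None else true_temp


@dataclass
class ProtectionSystem:
    sensors: List[Sensor]
    latched: bool = False                               # trip seals in once asserted
    log: List[Tuple[int, str]] = field(default_factory=list)

    def permissive(self, step: int, core: Core, manual_trip: bool) -> bool:
        """Return True only if the rod-holding latch may stay energized."""
        if self.latched:
            return False
        reasons = []
        hot = sum(s.read(core.temp) > TEMP_SETPOINT for s in self.sensors)
        if hot >= 2:                                    # redundancy: 2-of-3 vote
            reasons.append(f"temperature 2-of-3 ({hot} channels)")
        if core.power > POWER_SETPOINT:                 # diversity: different quantity
            reasons.append("power")
        if manual_trip:                                 # operator button
            reasons.append("manual")
        if reasons:
            self.latched = True
            self.log.append((step, ", ".join(reasons)))  # monitoring record
            return False
        return True


def run(rho_ext: float, steps: int = 600, stuck_sensor: Optional[int] = None,
        manual_trip_at: Optional[int] = None, power_loss_at: Optional[int] = None) -> dict:
    """Simulate a constant external reactivity insertion and return the outcome."""
    sensors = [Sensor(stuck_at=T0 if i == stuck_sensor else None) for i in range(3)]
    rps = ProtectionSystem(sensors)
    core = Core()
    max_temp = core.temp
    for n in range(steps):
        ok = rps.permissive(n, core, manual_trip=(n == manual_trip_at))
        electrical_power = not (power_loss_at is not None and n >= power_loss_at)
        # Passive safety: the latch needs BOTH the permissive and electrical power.
        # Anything else de-energizes it and gravity drops the rods; once in, they stay in.
        core.rods_in = core.rods_in or not (ok and electrical_power)
        core.step(rho_ext)
        max_temp = max(max_temp, core.temp)
    return {"power": core.power, "temp": core.temp, "max_temp": max_temp,
            "rods_in": core.rods_in, "trips": rps.log}


if __name__ == "__main__":
    print("small insertion, feedback alone :", run(0.01))
    print("large insertion, one dead sensor:", run(0.02, stuck_sensor=1))
    print("latch power lost at step 50     :", run(0.01, power_loss_at=50))
    print("operator trip at step 10        :", run(0.01, manual_trip_at=10))
```

With a small reactivity insertion the temperature feedback alone settles the core at a new, higher but sub-setpoint temperature and no trip occurs; with a larger one the automatic channels trip and the rods drop even though one sensor is stuck reading nominal. Cutting electrical power to the latch also drops the rods without any trip signal, which is what "de-energize to trip" means in practice.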

Next, the designer must ensure that the reactor is always cooled — generally, in current commercial reactors, by water. Thus, the plant has more than one water path (generally three loops) to bring cooled water into the vessel. Monitors alert automatic valves to open or close so that adequate water is brought in and the pressures in the various vessels on the steam side stay within limits. In an emergency, there is also a completely separate fourth cooling system. Finally, the operator also watches significant water temperatures, pressures and flows on monitors, to be able to take manual action if needed. This might include shutting the system down and/or activating the separate emergency cooling system. He can also bypass any valves that might be sticking.

The plant itself is designed to quality standards that are higher than in any other industry with sufficient margins in materials and designs to take care of any accident conditions. Materials do not melt just because the temperature is a little raised and vessels do not burst even when the pressure is above normal operational values.

Furthermore, the whole plant is designed to withstand earthquakes beyond any historically expected, and to withstand extreme weather conditions and their consequences. For example, the outer containment can withstand hurricane missiles such as a flying car or shafts of wood and metal. Greenpeace activists provided an excellent test of the containment when they fired mortar missiles at the French Super-Phenix plant from across the river. They could only chip the surface of its concrete. Later, during Hurricane Andrew in Florida, the safest place for the operators’ families as the hurricane passed directly over the plant was inside its containment.


Experience

There have been four significant accidents in the development of nuclear power — in Canada (1952), in Britain (1957), in the US (1979) and in Russia (1986). From each of those events, more management and safety lessons have been learnt and incorporated into designs. The Canadian, British and Russian designs are no longer used. There have been no accidents in the last 15 years while 104 nuclear plants have provided the US with one fifth of its electrical needs. Over 300 more are in operation around the world providing energy day-by-day without noxious emissions.

The results of safe design.

The Paul Scherrer Institute in Switzerland published in 2000 a comprehensive study of energy-related accidents. Comparing them per terawatt-year, hydroelectricity has 884, coal has 342, gas has 85 and the nuclear option has a history of only eight.


Regulation

The United States has established a Nuclear Regulatory Commission to assure the safety of all sources of radiation that might arise from Special Materials — fissionable materials. Thus, the Nuclear Regulatory Commission regulates nuclear power plants through a series of reviews, permits and licenses.

However, safety is the responsibility of competent designers and operators, not the regulators. The safety of a reactor is ensured by its designers. They establish the criteria for safe operation and design according to accepted industry standards. Regulators, however, independently review these criteria and standards and make a judgement as to their adequacy. The regulators judge the expertise of the work, meld good judgement into law and, finally, enforce that law. The designer ensures safety while the regulator assures safety.

First, the site is approved by the Nuclear Regulatory Commission according to criteria that include distances to the public, access, power, water, and security. Next, following a review of the design and a preliminary safety assessment, the Nuclear Regulatory Commission will issue a construction permit. Then, after continuous review on the construction site to ensure things are built as the owner has specified, and after receiving a final safety analysis report (a very large tome of upwards of a dozen 4″ binders), the NRC will issue a preliminary operational license. This allows the owner to do low-power tests prior to operation. During these tests, the system will be filled and heated, and all instrumentation, valves, controls, and shutdown mechanisms will be tested extensively. Finally, the Nuclear Regulatory Commission, after reviewing the results of the tests, will issue the license to operate.

During operation, the licensing authorities follow operation with on-site inspectors and follow every maintenance action. Changes to plant design or operation outside of the agreed specifications of the license have to go through another NRC approval process.


Fabrication and Construction

As the design proceeds, the safety of the plant is analyzed thoroughly to meet and exceed regulatory protection standards. The analysis is presented to the Nuclear Regulatory Commission as a Preliminary Safety Analysis Report (PSAR) and, once that has been approved, the design is fixed. Then the owner can proceed to fabrication and construction.

Since it takes many months to construct a nuclear plant, approval to fabricate and construct may be given in several steps, depending on whether the item under consideration is safety-related or not. If it is safety-related and appears as part of the PSAR submission, then it is kept under close regulatory scrutiny during fabrication.

Fabrication will take place at a number of locations: the vessels being built by one firm and electronics by another, and pumps and valves by others. However, all fabrication is performed to regulatory-approved industry quality standards. Material integrity of the large components, for example, is tested in several ways including radiographing and dye-penetrant methods; each governed by a standard. In this way, the owner can be assured that every piece of the plant is of high quality. The chain of construction will have no weak links.

Construction, by the project’s architect-engineering firm, is also performed to industry standards for such things as concrete mixes, rebar strength and density, welding techniques and so on. It is under close regulatory scrutiny, and one or more resident Nuclear Regulatory Commission inspectors will be on site while the work goes on.


Low-Power Commissioning

After the plant design has been approved and the plant built, it must be tested before being placed into operation. This is called low-power commissioning and it is a time to make corrections if anything proves to be out of specifications.

The Nuclear Regulatory Commission will permit vessels and piping to be filled with liquids (generally water), pumps to be operated, and valves to be opened and closed. This is especially so for emergency systems that, although never expected to be operated in the plant’s lifetime, must operate if called upon. This is similar to the first fill of a newly installed replacement car engine with oil and the first cranking of the pistons. Although you are not going to drive it at a hundred miles an hour today, you would like to know that it all works and nothing leaks. If you installed a new car radiator, you would need to know that all the connecting hoses are tight even before you started the car.

Naturally, the inspectors of the Nuclear Regulatory Commission are involved throughout these low-power commissioning tests. When the plant operators and the regulators are satisfied with all the tests and that they agree with predictions (which go into the safety case), the plant may be granted a license for full-power operation.


Full-Power Operation

Full-power operation is a natural extension of low-power commissioning. It is exactly like starting and running your car when you buy it since you know that all the low-power commissioning tests have been done.

Sometimes, the Nuclear Regulatory Commission may license the plant to come to power in a series of steps: 25%, 50%, 90% and 100% of full power, but the effect is the same. The result is full-power operation and the quiet generation of clean electricity for the plant lifetime of 30 to 40 years or more.


Other Items Contributing to Safety

Safety is a comprehensive state encompassing many things including good management, safe design, industry standards, and positive regulation. Safety also includes well-trained staff and operators, attention to emergency plans if anything went wrong, and, on another level, security.

Training

Training is vital to ensure that operators and other staff, such as maintenance crews, know exactly what to do and why they are doing it that way. In addition, training ensures that everyone does the job the same way.

Therefore, staff training at all levels is regular. Operators must go through yearly training (with exams) and success in training is necessary for them to continue in their position. It would not be too strong to say that good training of all staff, at all levels, is a basis for safe operation.

Emergency Plans

While it is very unlikely that anything will go seriously wrong, nevertheless emergency plans are set in place to protect operators and anyone who might be in or in the vicinity of the plant. These emergency plans involve close cooperation with off-site agencies like the police, the fire department, and even school buses, if they are part of any evacuation plan that has been approved.

Security

Security is related to safety, both within and beyond plant operation. Therefore, security plans are confidential and known only to those with a need to know: plant management, the police, certain regulators, and anyone who needs to act.

One part of security is aimed at those misguided individuals who might feel a need to disrupt the operation of the plant or who might want to prove that they could steal materials. It has never been done; nevertheless, security plans are made for each plant. They do not contribute directly to safety of operation, but they would stop anyone, like a terrorist, who might have harmful objectives.

Center for Nuclear Science and Technology Information of the American Nuclear Society

© Copyright 2014