Application of Selected Safety Requirements from IAEA SSR-2/1 in the EC6 Reactor Design

Transcription

1 Application of Selected Safety Requirements from IAEA SSR-2/1 in the EC6 Reactor Design Technical Meeting on Safety Challenges for New NPPs June 2015, Vienna, Austria - Copyright -

2 A world leader SNC-Lavalin s Nuclear team provides leading nuclear technology products and full-service solutions to nuclear utilities around the globe. Our team of 1,300 engineering, procurement, construction and project management experts offer customized operations, maintenance and plant life management services, including waste management and decommissioning for light water and CANDU-type reactors. Our experts in nuclear steam plant and balance of plant engineering carry out life extension projects, and design and deliver state-of-the-art CANDU reactors, which are capable of operating on many types of fuel including natural uranium, mixed oxide (MOX) fuel, recycled uranium (RU) and thorium. 2

3 Safety first Remember that all SNC-Lavalin meetings begin with a Health & Safety moment. Safety doesn t happen by accident. SAFETY FIRST 3

4 Outline EC6 Design Overview Requirement 7 for Level 2 defence-in-depth: Distributed Control System approach Requirement 53: Emergency Heat Removal System (Level 3 defencein-depth) Requirements 54 and 20: Containment envelope (Levels 3 and 4 defence-in-depth) Requirement 20: Emergency Containment Filtered Venting System (Levels 4 and 5 defence-in-depth) Requirement 20: Severe Accident Heat Removal System (Level 4 defence-in-depth) Requirement 67: Emergency Support Centre (Levels 4 and 5 defencein-depth) 4

5 EC6 Design

6 EC6 Reactor Natural uranium fuel Heavy water moderator and coolant Pressure tubes; calandria not a pressure vessel Coolant physically separated from moderator Small/simple fuel bundle On-power refuelling 6

7 EC6 Heat Transport System The HTS comprises the heat transport pumps, steam generators, feeders, fuel channels, and associated piping, arranged in two figure eight loops. Heat generated by nuclear fuel in the fuel channels passes through the outlet feeders to the outlet headers, then delivered to the SGs. Heat is transferred to the feedwater on the secondary side of the SGs to generate steam. The primary coolant is pumped from the SGs back to the inlet headers, then back to the core via the inlet feeders. 7

8 Examples of Design Approaches to Address SSR-2/1 Safety classification Requirement 7: Digital Control Systems Requirements 53 and 25: Emergency Heat Removal System Requirements 54 and 20: Containment envelope Requirement 20: Emergency Containment Filtered Venting System Requirement 20: Severe Accident Heat Removal System Requirement 67: Emergency Support Centre

9 Safety Classification for EC6 Design Safety Class A Safety Class B A system is assigned to Class A if it meets any of the following criteria: a) Maintains pressure boundary integrity of heat transport system where a failure would lead to a non-isolatable loss of coolant accident. b) Performs an immediate fast reactor shutdown function to prevent an initiating event from leading to unacceptable consequences that exceed the design bases of Heat Transport System or safety systems. A system not included in Safety Class A is assigned to Safety Class B if it meets any of the following criteria: a) Performs the function of core cooling to prevent an initiating event from leading to unacceptable consequences that exceed the design bases. b) Performs the function of containment to prevent an initiating event from leading to unacceptable radioactive releases that exceed the design bases. A system not included in Safety Class A or B is assigned to Class C if it meets any of the following criteria: a) Supports the operation of Class A or B systems. Safety Class C b) Performs safety functions in longer term as a backup. c) Failure of the system during operation (i.e. running failure) initiates a design basis accident. d) Provides monitoring of safety functions during a design basis accident. Safety Class D Not important to safety A system not included in Safety Class A, B or C is assigned to Safety Class D if it meets any of the following criteria: a) Maintains adequate operating conditions for safety systems or systems important to safety during normal plant operation, AOO or DBAs. b) Prevents minor releases of radioactive materials. c) Prevents/minimizes radiation exposure of plant staff. d) Provides monitoring that the plant remains within normal conditions. e) Provided for mitigation or monitoring of DEC. A system not included in Safety Class A, B, C or D is assigned to not important to safety. 9

10 Safety Classification for EC6 Design System Safety Class Code/Standard Fuel Handling Control and Display Systems C CSA N290.4 IEC standards or equivalent Essential Control Sub-System C CSA N290.4 IEC standards or equivalent Emergency Heat Removal System C CSA N285 series Containment envelope B CSA N287 series Emergency Filtered Containment Venting System Severe Accident Recovery Heat Removal System D D CSA N285 series CSA N285 series Emergency Support Centre D CSA N

11 Digital Control Systems Control systems are designed to assure that failures and deviations from normal operation are minimized EC6 improvements using distributed control systems: Fuel handling control and display systems: fully separate system with independent and diverse digital sub-system to implement protective safety interlocks Fully digital device control sub-systems to interface via digital communications with the digital group controls Read-backs provided from the digital device control sub-systems to the PDS, advanced alarm annunciation system, and computer based procedures All important to safety mitigating functions in a separate IEC Class 2 mitigating controller, called the essential control sub-system Additional parameters for setback and stepback, e.g., end shield outlet temperature high and Shield Cooling System pump differential pressure low SSR-2/1 Requirement 7: Defence in depth Clause 4.11 (a) Clause 4.11 (b) Clause 4.11 (b) Clause 4.11 (c) Clause 4.11 (c) 11

12 Emergency Heat Removal System With feedwater available to the steam generators, thermosyphoning in the intact Heat Transport System (HTS) will prevent fuel failures EHRS addresses design basis accidents that cause Loss of heat removal from the steam generators, or Loss of heat removal from the Emergency Core Cooling System (ECCS) heat exchangers EHRS performs the following functions: Gravity-fed make-up to the steam generators from the Reserve Water Tank Pumped make-up to the steam generators from an external water supply Seismically qualified back-up cooling water for the ECCS heat exchangers Water supply to HTS to make up for small leaks or losses (as a back-up to ECCS) All system components required to perform on demand for a flow permissive function are duplicated in parallel SSR-2/1 Requirement 53: Heat transfer to an ultimate heat sink Systems shall be provided to transfer residual heat from items important to safety at the nuclear power plant to an ultimate heat sink. This function shall be carried out with very high levels of reliability for all plant states.. SSR-2/1 Requirement 25: Single failure criterion All system components required to perform on demand for a flow isolation function are duplicated in series 12

13 Containment Containment design pressure of 400 kpa (g) Design leakage rate of 0.2%/day Seismically qualified to design basis earthquake with PGA of 0.3 g Steel liner plate on the entire inside surface of the containment structure Ensures leak-tightness is within acceptable limits and Prevents spalled concrete from being generated as a result of an external impact Increased thickness of the containment structure from the CANDU 6 plants SSR-2/1 Requirement 54: Containment system for the reactor A containment system shall be provided to ensure, or to contribute to, the fulfilment of the following safety functions at the nuclear power plant: (i) confinement of radioactive substances in operational states and in accident conditions, (ii) protection of the reactor against natural external events and human induced events and (iii) radiation shielding in operational states and in accident conditions. Meets current safety requirements for radiation shielding, missile protection, aircraft crash, and fire protection 13

14 Severe Accident Recovery and Heat Removal System RESERVE WATER TANK Low-flow Spray Header External Water Supply With removal of decay heat from the core available, progression of core damage can be arrested With removal of heat from containment available, containment integrity can be maintained Inspection Port MODERATOR HEAD TANK SARHRS addresses design extension conditions that cause Loss of heat removal from the steam generators with intact fuel channels, CALANDRIA Loss of heat removal from the calandria vessel with failed fuel channels, and/or Loss of heat removal from containment ECCS Strainer On-site Fresh Water Source 14

15 Severe Accident Recovery and Heat Removal System SARHRS performs the following functions: Pumped make-up to directly to the steam generators from an external water supply Gravity-fed make-up from the RWT to the calandria vessel Gravity-fed make-up from the RWT to the calandria vault Containment low flow spray from the RWT Requirement 20: Design extension conditions 5.27 to prevent accident conditions not considered design basis accident conditions, or to mitigate their consequences, as far as is reasonably practicable. This might require additional safety features for design extension conditions, or extension of the capability of safety systems to maintain the integrity of the containment. Pumped make-up to the RWT from external source to continue gravity-fed make-up and low flow spray Recover water from the reactor building basement, cool it using a heat exchanger, and deliver it to the RWT for make up Drain contaminated water from RB postsevere accident 15

16 Emergency Containment Filtered Venting System With containment integrity maintained, uncontrolled, unfiltered releases of radioactivity can be prevented ECFVS addresses design extension conditions that cause Overpressurization of containment ECFVS performs the following functions: Controlled, filtered venting of containment Monitoring of radioactive releases 16

17 Summary Some examples of the design approach that has been taken in the EC6 design to implement safety requirements from IAEA SSR-2/1 have been presented: Level 2 defence-in-depth: improvements through the use of the Distributed Control System, addition of setback and stepback parameters and a separate system for fuel handling Requirement 53: EHRS for level 3 defence-in-depth Requirements 54 and 20: Containment envelope for levels 3 and 4 defence-in-depth Requirement 20: ECFVS for levels 4 and 5 defence-in-depth Requirement 20: SARHRS for level 4 defence-in-depth Requirement 67: Emergency Support Centre for levels 4 and 5 defencein-depth 17

18 Enhanced CANDU 6 Technical Summary 18