Power Generation Technology Blog Russia

WNA: Evolution of Nuclear Safety over 50 Years

Wednesday, November 2nd, 2011

Ian Hore-Lacy
Director of Public Communications
World Nuclear Association

“Nuclear safety” comprises the various provisions made at all stages in the design, construction, operation and decommissioning of nuclear facilities to protect people and the environment against exposure to radiation and the dispersal of radioactive substances under all circumstances. Since the first nuclear power plants were built, based on those propelling nuclear submarines, there has been a steady increase in understanding of the technology and a concurrent evolution in the design and operation of reactors, which has greatly improved the safety of today’s plants. Only three first-generation reactors remain in operation (in the UK); most of the 432 operational reactors are second-generation (Gen II), and a few (in Japan) are third-generation.

The main reactor designs operating over the last 50 years have been pressurized-water and boiling-water reactors (PWR and BWR), and both are strongly represented among the designs considered Generation III, the most up-to-date models available today. Hence this article focuses largely on those two broad technologies.

Another key aspect of nuclear safety is the way plants are operated. The evolution there, with the development of safety culture, international benchmarking and peer review, is more remarkable and probably more significant than the evolution in engineering, but it is the engineering that is the focus of this article.

Defence-in-depth
To achieve optimum safety, nuclear plants use a ‘defence-in-depth’ approach, with multiple safety systems supplementing the natural features of the reactor core. Safety has evolved to the point where Generation III designs give neighbours greater assurance that a significant radioactive release is extremely unlikely, and that even if one occurred it would not be sudden. For owner/operators the change is more marked, in that the likelihood of equipment damage in any circumstance is much reduced. (The Three Mile Island and Fukushima plants were write-offs; in a Gen III reactor a serious problem is likely just to take the reactor offline for a while.)

The design stage for a reactor usually starts with an essentially “deterministic” approach: listing events that could lead to the dispersion of radioactive material in the environment, and defining the parameters within which the reactor will be designed to avoid this. This is known as the Design Basis, and anything beyond it is ‘Beyond Design Basis’. The designers then devise ways and design systems to counter incipient incidents or accidents within the Design Basis and, should they occur, to mitigate their consequences. Increasingly, attention is also paid to Beyond Design Basis contingencies.

This deterministic approach is then supplemented with a “probabilistic” approach, a verification stage. In this, the robustness of the plant to initiating events is tested, taking into account the various probabilities for engineered systems as well as human operators to succeed or fail in the prevention or mitigation of incidents. These probabilities are either well-established by real observations and actual operating experience, or they are estimated based on the best available comparisons.

Both aspects have moved a long way since the first Gen II plants were designed fifty years ago, which is hardly surprising in the light of 14,500 reactor-years of operational experience since then. The Three Mile Island accident in 1979 was of enormous benefit in developing effective defence-in-depth, and in 1996 additional levels were formally added to the approach. First, ‘beyond design basis’ situations were addressed with the objective of controlling severe plant conditions that were not taken into account in the plant design, and secondly, the mitigation of radiological consequences of significant radioactive releases was addressed.

Several scenarios that were considered ‘beyond design basis’ for Gen II reactors are now included in the design basis for new reactors (notably multiple-failure accidents and core-melt accidents). Furthermore, for existing plants, defence-in-depth mainly considered the nuclear fuel when loaded in the reactor vessel. For new reactors, the scope of defence-in-depth has to cover all risks involving the nuclear fuel, even when it is stored in the fuel pool. Both of these have obvious relevance to the Fukushima accident.

Key aspects of the defence-in-depth approach are:
» high-quality design & construction, using special ‘nuclear grade’ materials and components, complying with international standards such as ASME N-stamp;

» equipment which prevents operational disturbances or human failures and errors developing into problems;

» comprehensive monitoring and regular testing to detect equipment or operator failures;

» redundant and diverse systems to control damage to the fuel and prevent significant radioactive releases;

» provision to confine the effects of severe fuel damage (or any other problem) to the plant itself.

These can be summed up as: Prevention, Monitoring, and Action (to mitigate consequences of failures) applied at every stage of the life-cycle: design, construction, operation and decommissioning.

Physical barriers
The safety provisions include a series of physical barriers between the hot radioactive reactor core and the environment, and the provision of multiple safety systems, each with back-up, and designed to accommodate human error. Safety systems in the sense of back-ups and containment account for a substantial part of the capital cost of nuclear power reactors.

The barriers in a typical plant are:
» The fuel is in the form of solid ceramic (UO2) pellets, and radioactive fission products remain largely bound inside these pellets as the fuel is burned;

» The pellets are packed inside sealed zirconium alloy tubes to form fuel rods;

» These fuel rods (as part of fuel assemblies) are confined inside a large steel pressure vessel with walls up to 30 cm thick – the associated primary water cooling pipework is also substantial;

» All this, in turn, is enclosed inside a robust pre-stressed reinforced concrete containment structure with walls at least one metre thick.

There are thus three significant barriers around the fuel, which itself is stable up to very high temperatures. The quality of both the fuel and the barriers has steadily improved over half a century of operating experience.

Each element relating to these barriers is monitored continuously:
» The fuel cladding, by tracing specific radioisotopes in the primary coolant water;

» The primary circuit (the high-pressure cooling circuit), by monitoring its leak rate. In PWR plants, primary-to-secondary leakage through steam generator tubes is closely monitored in order to anticipate anything that could lead to a tube rupture;

» The containment structure, by closely monitoring its small leakage rate, computed from the pressure and temperature inside it and often from the compressed-air input that powers the various apparatus inside.

For all of these barriers, different thresholds are established. Depending on which threshold is crossed, the plant may continue operating with additional monitoring, operate under limiting conditions, curtail operations in order to re-establish sufficient safety margins, or in some cases be shut down for repair.

Periodic tests during major maintenance outages supplement this online surveillance with additional pressure tests, their severity and frequency usually being defined by national law or applicable codes: ten-yearly hydro tests of major components including the primary circuit, at a higher pressure than in normal operation, and ten-yearly pressure tests of the containment at a pressure simulating an accident scenario.

Back-up power supply is absolutely basic if the reactors are shut down for any reason. This is normally provided by large diesel generators, two or three per reactor unit, and they are run periodically to ensure readiness. Newer ones are air-cooled, so that they do not have to rely on heat exchangers which may become damaged as at Fukushima (where all but one of the diesels themselves were also swamped).
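The probabilistic verification stage described earlier, and the redundancy-versus-diversity question raised by the diesel generators, can be made concrete with a small fault-tree style calculation. The following Python is an added illustration, not code from the WNA article or from any plant's safety case: it models a loss-of-offsite-power sequence with N identical diesel generators subject to common-cause failure (beta-factor model), an optional diverse power source assumed independent of the diesels, and an operator recovery action. Every number (initiating-event frequency, per-train failure probabilities, the beta fraction, the recovery probability) and every name (`RedundantGroup`, `core_damage_frequency`, `design_comparison`) is constructed for the example.

```python
"""Toy probabilistic safety assessment (PSA) of a station-blackout sequence.

Added illustration, not part of the WNA article. All numbers are constructed
for the example and are not data for any real plant.

Sequence modelled:
  loss of offsite power (initiating event, frequency per reactor-year)
    -> N identical emergency diesel generators (EDGs) fail on demand
    -> a diverse backup power source (if any) also fails
    -> operators fail to restore power before the fuel is damaged
  => core damage
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class RedundantGroup:
    """N identical trains sharing a common-cause failure (CCF) mode.

    Beta-factor model: of each train's total demand-failure probability q,
    a fraction beta is common-cause (all trains fail together, e.g. one
    flood reaching every diesel) and (1 - beta) is independent.
    """
    n: int
    q: float      # per-train failure-on-demand probability
    beta: float   # common-cause fraction; 0 = fully independent trains

    def failure_probability(self) -> float:
        q_indep = (1.0 - self.beta) * self.q
        q_ccf = self.beta * self.q
        # Group fails (1-of-N success criterion) if the CCF event occurs,
        # or if it does not and every train fails independently.
        return q_ccf + (1.0 - q_ccf) * q_indep ** self.n


def core_damage_frequency(loop_freq: float, edgs: RedundantGroup,
                          diverse_q: float = 1.0,
                          recovery_fail: float = 1.0) -> float:
    """Frequency (per reactor-year) of the core-damage end state.

    diverse_q: demand-failure probability of a diverse power source assumed
    independent of the diesel group (1.0 = no such source).
    recovery_fail: probability that operators fail to restore power in time
    (1.0 = no credit taken for human recovery).
    """
    return loop_freq * edgs.failure_probability() * diverse_q * recovery_fail


def design_comparison(loop_freq: float = 0.04, q: float = 0.02,
                      beta: float = 0.1, diverse_q: float = 0.05,
                      recovery_fail: float = 0.3) -> dict:
    """Core damage frequency for three design options, same constructed inputs."""
    return {
        "2 EDGs, no diversity": core_damage_frequency(
            loop_freq, RedundantGroup(2, q, beta), 1.0, recovery_fail),
        "3 EDGs, no diversity": core_damage_frequency(
            loop_freq, RedundantGroup(3, q, beta), 1.0, recovery_fail),
        "2 EDGs + diverse source": core_damage_frequency(
            loop_freq, RedundantGroup(2, q, beta), diverse_q, recovery_fail),
    }


if __name__ == "__main__":
    # Naive independence assumption (beta = 0) versus credited common cause.
    for beta in (0.0, 0.1):
        for n in (2, 3):
            g = RedundantGroup(n, 0.02, beta)
            print(f"{n} EDGs, beta={beta:.1f}: P(all fail) = {g.failure_probability():.2e}")
    for label, cdf in design_comparison().items():
        print(f"{label}: CDF = {cdf:.2e} per reactor-year")
```

The point the numbers make is the one Fukushima made: once a common cause (a flood reaching every diesel) is credited, adding a third identical diesel barely moves the result, whereas a diverse source that does not share the cause does. This is why the article stresses ‘redundant and diverse’ systems and, for the EPR, physical separation of the trains.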

Inherent and passive safety
Traditional reactor safety systems are ‘active’ in the sense that they involve electrical or mechanical operation on command. Some engineered systems operate passively, e.g. pressure relief valves. Both require parallel redundant systems. Inherent or fully passive safety design depends only on physical phenomena such as convection, gravity or resistance to high temperatures, not on the functioning of engineered components. All reactors have some elements of inherent safety, but in some recent designs the passive or inherent features substitute for active systems in decay heat cooling etc.

The main safety features of most reactors are inherent – negative temperature coefficient and negative void coefficient. The first means that as the temperature increases the reactivity decreases (this in fact is used to control power levels in some new designs). The second means that if any steam has formed in the cooling water there is a decrease in moderating effect so that fewer neutrons are able to cause fission and the reaction slows down automatically. These physics features have not changed in the main reactor designs, but their application is improved.
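To make the self-correcting feedback concrete, here is a toy simulation (an added example, not from the WNA article) of a reactor with a negative versus a positive temperature coefficient of reactivity. It uses the simplest ‘point kinetics’ model with a single lumped fuel temperature and no delayed-neutron groups; the class name `ToyReactor`, the generation time, the heating and cooling constants and the size of the reactivity step are constructed illustrative values, not data for any real reactor. The same structure applies to the void coefficient with temperature replaced by void fraction.

```python
"""Toy reactivity-feedback simulation: negative vs positive temperature coefficient.

Added illustration, not part of the WNA article. One-group point kinetics
with a single lumped fuel temperature and no delayed-neutron groups; all
constants are constructed example values, not data for any real reactor.
Reactivity is dimensionless (1 pcm = 1e-5).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class ToyReactor:
    alpha: float              # temperature coefficient of reactivity [1/K]; < 0 is self-correcting
    gen_time: float = 0.08    # effective neutron generation time [s]; constructed, stands in for delayed neutrons
    heat_gain: float = 10.0   # fuel heating rate per unit of excess relative power [K/s]
    cool_tau: float = 10.0    # thermal time constant for heat loss to the coolant [s]

    def simulate(self, rho_ext: float, t_end: float = 600.0, dt: float = 0.01,
                 power_cap: float = 10.0):
        """Step reactivity by rho_ext from steady state (power = 1, excess temperature = 0).

        Explicit Euler integration. Returns (final_power, peak_power, runaway),
        where runaway is True if relative power exceeded power_cap before t_end.
        """
        power, dtemp, peak = 1.0, 0.0, 1.0
        for _ in range(int(t_end / dt)):
            rho = rho_ext + self.alpha * dtemp              # net reactivity including feedback
            d_power = (rho / self.gen_time) * power         # point kinetics
            d_temp = self.heat_gain * (power - 1.0) - dtemp / self.cool_tau
            power += d_power * dt
            dtemp += d_temp * dt
            peak = max(peak, power)
            if power > power_cap:
                return power, peak, True
        return power, peak, False


def equilibrium_power(reactor: ToyReactor, rho_ext: float) -> float:
    """Closed-form steady state for alpha < 0.

    Feedback cancels the step when alpha * dT = -rho_ext, i.e. dT* = -rho_ext / alpha,
    and the thermal balance heat_gain * (P - 1) = dT* / cool_tau then gives P*.
    """
    d_temp = -rho_ext / reactor.alpha
    return 1.0 + d_temp / (reactor.heat_gain * reactor.cool_tau)


if __name__ == "__main__":
    step = 50e-5  # +50 pcm reactivity insertion (constructed)
    for alpha in (-5e-5, +5e-5):
        r = ToyReactor(alpha=alpha)
        final, peak, runaway = r.simulate(step)
        line = f"alpha={alpha:+.0e}/K: final={final:.3f} peak={peak:.3f} runaway={runaway}"
        if not runaway:
            line += f" (predicted steady state {equilibrium_power(r, step):.3f})"
        print(line)
```

With alpha < 0 the added reactivity is cancelled once the fuel has warmed by -rho_ext/alpha, so power settles at a slightly higher level after a damped transient; with alpha > 0 the same step feeds on itself and the run stops when power exceeds the cap. The sign of the coefficient, not any engineered component, decides the outcome, which is what the article means by inherent safety.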

A passive system should not rely on external mechanical or electrical power, signals or forces. It relies instead on natural laws of physics, properties of materials, and internally stored energy. Thus decay heat removal from a reactor by thermosyphoning to an elevated tank of water once a valve opens is passive. In practice most designs do allow active signals, since there would usually be a need to switch from the active heat removal systems used at full power to passive decay heat removal systems after an accident, and engineered components may be involved in activating the system. Fully passive designs such as AP1000 and ESBWR do not require any inputs at all for a 72-hour “grace period” to achieve safety.

Main reactor functions
There are three functions, with obvious safety implications, required in a nuclear reactor:
» to control reactivity, including being able to shut down the reactor

» to cool the fuel, including removal of decay heat

» to contain all radioactive substances.

These need to be constantly monitored, and operators must be able to make necessary corrections, if trends show degradation. The monitoring needs to be very reliable, and newer digital control systems present the results to operators more helpfully than in the past.

Control of reactivity is primarily by using the neutron-absorbing control rods which are inserted down into the core in PWRs, and up into it in BWRs (since steam separators etc are above the core). Control rods must be able to be inserted very quickly and reliably to shut down the reaction completely if required. A secondary way to shut down the reactor is to poison the moderator/coolant water with a neutron absorber such as boron.

While the control rod concept and function have not changed greatly in new designs, the quality and robustness of the fuel has improved substantially, allowing increased fuel burn-up with increased enrichment. In line with this, some fuels now make greater use of burnable poisons such as gadolinium or erbium, which enable much longer fuel life.

Cooling requires both normal operational systems to transfer the heat from the very energy-dense core to steam in the turbine, and also secondary circuits for prolonged cooling to remove decay heat from the fuel after shutdown – these are sized at about 5% of the main circuit capacity, and in some new designs may be passive.

Then there must be back-up supplies of power and water to enable all this under all circumstances, plus the means of getting this water into the core, and it is in these areas that much change has occurred. Emergency core cooling systems are a basic insurance, and modern plants have more of them and more diverse provision than older ones. Newer plants are more likely to incorporate substantial water storage high in the reactor building.

Emergency core cooling systems (ECCS), though in themselves an insurance and back-up provision, need duplication and back-up, including both high- and low-pressure systems. The number and sophistication of these has grown over the years. For instance in the GE-Hitachi ESBWR design, even the emergency core cooling system has eliminated the need for pumps, using passive systems and stored energy.

In relation to a loss of coolant accident (LOCA), the Westinghouse AP1000 uses a (passive) gravity-driven makeup from the refueling water storage, after the primary cooling system is automatically depressurized. Emergency core cooling water is then added by gravity from the tank at the top of the building.

Mitsubishi’s new APWR has some similar features combining active and passive cooling systems in double containment. It is the basis of Japan’s new PWR construction plans. The ECCS of the US version has four independent trains, and its outer walls and roof are 1.8 m thick.

Rosatom’s new VVER-1200 design, building on Russian experience, has enhanced active and passive safety features, double containment, and a core-catcher. It is the basis of Russia’s future plans.

In designs such as the new AP1000, decay heat removal from both the primary cooling system and also the containment is passive, by convection. No safety-related pumps or ventilation systems are needed for the first 72 hours. All PWRs have a large tank of cold water, the Refueling Water Storage Tank, used to flood the core when it is shut down for refueling. But the AP1000 design locates this tank inside containment and uses it for emergency decay heat removal. Inside the tank is a passive heat exchanger which is part of a full-pressure, closed, natural circulation loop connected to the reactor coolant system. The heat exchanger is activated by failsafe air-driven valves that open upon loss of power. Thus decay heat can be removed passively by thermosyphoning convection in the event of total power loss.

Not all decay heat removal cooling systems are passive – the new Areva EPR has four separate, redundant active safety systems, as well as passive safety features. The safety systems are physically separated through four ancillary buildings on the same concrete raft, and two of them are aircraft crash protected. Back-up diesel generators are similarly dispersed.

In its broadest sense, passive safety emphasizes the use of natural forces (gravity, self-correcting neutronic feedback) and de-emphasizes systems which require large amounts of electricity (eg for pumps), complex logic, or high energy. This is innately attractive, but active systems enable operators to address precisely what is going on, not relying on a designer having earlier anticipated everything.

Containment is more straightforward. The AP1000 containment consists of an inner steel pressure shell surrounded by a concrete outer shell. If necessary, water from an elevated reservoir at the top of the building flows by gravity over the inner shell to provide passive heat removal via heat conduction through the shell, aided by natural convection of air between the two shells. Following shutdown it too requires no active intervention for 72 hours.

Core melting probability
Originally core melting was ‘beyond design basis’, but today reactors are designed for grappling with the contingency of a core melting and producing a very hot eutectic of fuel, zirconium and debris, known as corium. Provision for this may be with a large ceramic core catcher like a giant water-cooled ashtray under the pressure vessel (as in the EPR), assuming that the corium might melt through the steel, or it may be with in-vessel retention of corium enabled by water cooling around the pressure vessel (AP1000).

Regulatory requirements today for new plants are that the effects of any core-melt accident must be confined to the plant itself, without the need to evacuate nearby residents. Originally, wide evacuation would have been assumed, as at Fukushima.

Calculated core damage frequency has been one of the main metrics to assess reactor safety. European safety authorities prefer a deterministic approach, focusing on actual provision of back-up hardware, though they also undertake probabilistic safety analysis for core damage frequency.

Control systems
In the last fifteen years digital instrument and control (I&C) systems have superseded analogue ones in new designs, providing operators with much more data about plant operations, a level of detail and analysis better than analogue systems can offer, and remote access to diagnostics and data. However, all US operating reactors, all but four French ones, and most others in the world still use analogue I&C systems. All Generation III reactors and most, if not all, new reactors of any type use digital ones.

Related to this is the hardening of control rooms so that power and filtered clean air are guaranteed, even if the main plant systems are down and portable generator trucks are being used. They should also have emergency communications such as satellite phones. With newer plants, such features are standard, and they are retrofitted to some older ones.

Siting and plant layout
Perhaps the most obvious safety provision is in the siting of a nuclear power plant, and the Fukushima accident has reminded us of that. While nuclear plants are, where possible, located close to the sea or other major water bodies to provide for cooling, they must not be vulnerable to flooding. In any case, basic equipment such as switchgear and back-up provisions such as generators are today located very conservatively to allow for any major natural disaster that might affect the plant itself.

Conclusion
Comparing a 1960s motor car with a 2010 model, the differences add up to quite a lot even though individually the component functions have not changed remarkably, and so it is with nuclear reactors. To the engineer and technician the detailed changes are more evident; to the lay observer, or even the driver, they are incremental, and the main change is simply in reliability. But considerable evolution in many aspects of design has occurred, and is reflected in much greater safety today.

Acknowledgment: This article draws on lecture notes of Dr V.Snell for the Reactor Safety Course at McMaster University, advice from Francois Perchet at WNU with his extensive nuclear operating experience, comments from Adrian Bull at Westinghouse, as well as many WNA information papers.

PowerTec Magazine © 2009/2012 - All rights Reserved