Safety specifications for design of nuclear power plant
(Revised in 2016, approved and issued by the National Nuclear Safety Administration on October 26, 2016)
1 Introduction
1.1 Purpose
In order to realize the safe operation of nuclear power plants and prevent or mitigate the consequences of events that may endanger safety, this document specifies the design of structures, systems and components that are important for the safety of nuclear power plants, and the requirements that must be met by regulations and organizational processes.
This document is applicable to the analysis, verification and examination, technical support and nuclear safety supervision in the design, construction, operation and decommissioning stages of nuclear power plants.
1.2 Scope
1.2.1 This document specifies the requirements of comprehensive safety evaluation to determine the potential hazards that may arise in various operating conditions and accident conditions of nuclear power plants. The safety evaluation process involves two complementary technologies, i.e. deterministic safety analysis and probabilistic safety analysis. Various postulated initiating events must be considered in the analysis, including many factors that may affect safety individually or in combination. These events are of the following types:
(1) event originated from the operation of nuclear power plant;
(2) event caused by personnel behaviors;
(3) event directly related to the nuclear power plant and its environment.
1.2.2 This document does not involve general industrial safety which is extremely unlikely to affect nuclear safety and non-radioactive impact caused by the operation of nuclear power plant.
1.2.3 The nuclear power plant referred to hereof mainly refers to the onshore stationary nuclear power plant with water-cooled reactor, which is designed for power generation or other heating applications (such as centralized heating or seawater desalination).
1.2.4 The design of reactors of other types or adopting innovative technologies may refer to this document, but shall be subjected to careful evaluation and judgment.
2 Safety objective and defense in depth concept
2.1 Safety objectives
2.1.1 The basic safety objective is to establish and maintain effective defense against radioactive hazards in nuclear power plant so as to protect the people and environment from such hazards.
2.1.2 The following measures must be taken to achieve the basic safety objective:
(1) control the radiation exposure to personnel and the release of radioactive materials to the environment during operation;
(2) limit the possibility of events causing the reactor core, spent fuel, radioactive waste or any other radiation source of the nuclear power plant to get out of control;
(3) mitigate the consequences of the above events (if any).
2.1.3 The basic safety objective is applicable to all activities of nuclear power plants, including planning, site selection, design, manufacturing, construction, debugging, operation and decommissioning, as well as transportation of radioactive materials, management of spent fuel and radioactive waste, etc.
2.2 Radiation protection design
2.2.1 In order to achieve the basic safety objective, the radiation protection design must ensure that the radiation exposure in the nuclear power plant or the radiation exposure caused by any planned emission of radioactive materials from the nuclear power plant is lower than the specified limit value under all operating conditions, and may be as low as reasonably possible. At the same time, measures shall be taken to mitigate the radioactive consequences of any accident.
2.2.2 In order to achieve the basic safety objective, the radiation protection design must make all radiation sources of nuclear power plants under the control of strict technical and management measures. However, it neither rules out the limited exposure to personnel, nor the emission of radioactive materials permitted by laws and regulations from operating nuclear power plants to the environment. The above radiation and emission must be strictly controlled, meet the operating limits and radiation protection standards, and be as low as reasonably possible.
2.3 Safety design
2.3.1 The safety design must:
(1) prevent accidents with harmful consequences caused by out-of-control of the reactor core or other radiation sources, and mitigate the consequences in case of any accident;
(2) ensure that the radioactive consequences of all accidents considered in the design are lower than the relevant limits, and keep them as low as reasonably possible;
(3) ensure that the possibility of accidents with serious radioactive consequences is extremely low, and minimize the radioactive consequences of such accidents as much as possible.
2.3.2 To prove that the basic safety objective has been achieved in the design of nuclear power plant, the design must be subjected to comprehensive safety evaluation, so as to determine all sources of radiation exposure, and to assess the radiation dose to the nuclear power plant staff and the public, as well as the possible impact on the environment. The following contents should be considered for such safety evaluation: (1) normal operation of nuclear power plant; (2) the performance of nuclear power plant in case of anticipated operation event; (3) accident conditions. It is necessary to confirm the design capability of resisting the postulated initiating events and accidents, verify the effectiveness of items important to safety, and determine the input of emergency plan on the basis of analysis.
2.3.3 Although measures have been taken to control the radiation exposure in all operating conditions to be as low as reasonably possible and to minimize the possibility of out-of-control accidents of radiation sources, there is still the possibility of accidents. Therefore, it is necessary to take measures to ensure the mitigation of radioactive consequences. Such measures include: safety facilities and safety systems, accident management regulations for nuclear power plants formulated by operation units, and off-site intervention measures formulated by relevant national and local departments.
2.3.4 For the safety design of nuclear power plants, practical measures must be taken to reduce the impact of nuclear and radiation accidents on human life, health and environment. The accident sequence of nuclear power plants that may lead to high radiation dose or massive radioactive release must be eliminated practically; it must be ensured that the accident sequence of high-frequency nuclear power plants has no or only minor potential radioactive consequences. The basic objective of safety design is to limit or even cancel off-site protective actions that technically reduce the radioactive consequences.
2.4 Defense in depth concept
2.4.1 The main means to prevent accidents in nuclear power plants and mitigate the consequences of accidents is to apply the defense in depth concept. This concept is implemented throughout all safety-related activities, involving the organization, personnel behavior or design of nuclear power plants under various powers and shutdown conditions, so as to ensure that these activities are under the defense of various independent measures at different levels. Even if a fault occurs, it will be detected, compensated or corrected by appropriate measures. The defense in depth is implemented throughout the design and operation to deal with various anticipated operation events and accidents caused by equipment fault or human factors in the plant, as well as the consequences caused by external events.
2.4.2 The defense in depth concept is mainly applied through the combination of a series of continuous and independent defense levels to prevent accidents from harming people and environment. If the defense at a certain level fails, that at the next level will provide protection. Independent effectiveness of each level of defense is an essential component of defense in depth.
(1) The purpose of the first level of defense is to prevent facility from deviating from normal operation and prevent fault of items important to safety. At this level, it is required to select the site of, design, build, maintain and operate nuclear power plants correctly and conservatively according to proper quality level and verified engineering practice. Therefore, great attention shall be paid to the selection of appropriate design codes and materials, and the quality of the manufacturing of components and construction and debugging of nuclear power plants shall be controlled. At this level, the design measures reducing the possibility of internal hazard are helpful to prevent accidents. Moreover, attention shall also be paid to the design, manufacturing, construction, in-service inspection, maintenance and test processes and procedures, as well as the good accessibility during these activities, the operation mode of the nuclear power plant, the utilization of operation experience, etc. The whole process is based on the detailed analysis that is to determine the operation and maintenance requirements of nuclear power plants and their quality management requirements.
(2) The purpose of the second level of defense is to test and control the facilities from deviating from normal operation, so as to prevent the anticipated operation events from escalating into accident conditions. Despite precautions, some postulated initiating events may still occur in nuclear power plants during their service life. At this level, it is required to set up specific systems and facilities in the design, confirm their effectiveness through safety analysis, and formulate operation regulations to prevent these initiating events or minimize their consequences as possible, so that the nuclear power plant can return to a safe state.
(3) The third level of defense is set up based on the assumption that although it is impossible, the escalation of some anticipated operation events or postulated initiating events may still not be prevented by the previous level of defense and they evolve into accidents. In the design of nuclear power plants, it is assumed that these accidents may occur. Therefore, inherent safety characteristics and (or) engineered safety features, safety systems and regulations must be adopted to prevent the radioactive release that causes damage to the reactor core or requires off-site intervention measures, and to make the nuclear power plant return to a safe state.
(4) The purpose of the fourth level of defense is to reduce the accident consequences caused by the failure of the third level of defense in depth. The fourth level of defense is realized by controlling the progress of accidents and mitigating the consequences of serious accidents. The safety objective hereof is to take limited protective actions in area and time in case of serious accidents, and to avoid or minimize off-site radioactive contamination. This requires that the sequence of events that may lead to early radioactive release or massive radioactive release be actually eliminated.
(5) The purpose of the fifth level, that is, the last level of defense, is to reduce the radioactive consequences of the potential radioactive release caused by accident conditions. At this level, it is required to provide appropriate emergency facilities and formulate emergency plans and procedures for on-site and off-site emergency response.
2.4.3 On the other hand, the application of defense in depth concept is to set up a series of physical barriers in the design, and adopt the combination of active and passive facilities and inherent safety characteristics, so that the physical barriers can effectively contain radioactive materials in specific areas. The quantity of physical barriers required depends on the initial source terms characterized by total radionuclide and isotopic composition, the effectiveness of a single barrier, possible internal and external hazards and the potential consequences of various failures.
3 Design safety management
3.1 Design safety management responsibilities
The operation units must ensure that the design submitted to the nuclear safety regulator under the State Council meets all applicable safety requirements. All organizations involved in important activities related to safety design of nuclear power plants, including design units, shall be responsible to ensure that top priority is given to safety matters.
3.2 Quality assurance
3.2.1 The quality assurance program describing the overall arrangement of management, implementation and evaluation of nuclear power plant design must be formulated and implemented. This program includes measures ensuring the design quality of each structure, system and component as well as the overall design quality of the nuclear power plant, including measures to identify and correct design defects, check design appropriateness and control design changes.
3.2.2 The design, including change, modification or safety improvement, must be carried out in accordance with the procedures determined by appropriate engineering codes and standards, must reflect applicable requirements and design basis, and must determine and control design interfaces.
3.2.3 Whether the design (including design means, design input and output) is appropriate or not must be verified and confirmed by individuals or groups not originally engaged in design. The verification, confirmation and approval shall be completed as soon as possible in the design and construction process, no later than the first loading of the nuclear power plant in any way.
3.3 Maintenance of safety and integrity of nuclear power plant design throughout the service life
3.3.1 The operation unit shall take full responsibility for safety. It must establish a formal system to ensure the safety and integrity of nuclear power plant design throughout its service life.
3.3.2 To facilitate the transfer of detailed design data such as safety analysis report, design manual and other design documents to the operation unit, a department responsible for the overall design process shall be set up as soon as possible, and a management process shall be formulated to be responsible for the design safety and integrity of the nuclear power plant within the management system of the operation unit.
3.3.3 The design of nuclear power plant may be shared by many organizations: engineering company, supplier of reactor and its auxiliary system, supplier of main equipment, designer of electrical system and supplier of other system important to the safety of nuclear power plants, etc. The operation unit must manage the design activities entrusted to external organizations.
3.3.4 The department fully responsible for the design process must ensure that the design of nuclear power plant meets the acceptance criteria in terms of safety, reliability and quality. These criteria shall meet the relevant laws, regulations, standards and codes. The work scope and responsibilities must be established and determined so as to:
(1) ensure that the design conforms to its objective and meets the requirements of protection and safety optimization, so as to keep the radiation risk as low as reasonably possible;
(2) ensure that the ways to continuously ensure the design safety include design verification, determining engineering codes, standards and requirements, adopting verified engineering practices, providing feedback on construction experience, approving important engineering documents, conducting safety evaluation and maintaining safety culture;
(3) ensure that the design data required for safe operation, maintenance (including appropriate test period) and modification shall be available; the previous operation experience and verified research results shall be properly considered for design data, which shall be maintained in the latest state by the operation unit;
(4) ensure to maintain the management of design requirements and state control;
(5) ensure to establish and control necessary interfaces between the responsible designer and the supplier involved in design;
(6) ensure that the operation unit needs to maintain necessary engineering professional data and scientific and technological data;
(7) ensure that all design changes have been reviewed, verified, documented and approved;
(8) ensure to maintain sufficient documents to facilitate the decommissioning of nuclear power plants in the future.
HAF 102-2016 Safety regulation for design of nuclear power plant (English Version)
Standard No.
HAF 102-2016
Status
valid
Language
English
File Format
PDF
Word Count
25000 words
Price(USD)
750.0
Implemented on
2016-10-26
Delivery
via email in 1 business day
Detail of HAF 102-2016
Standard No.
HAF 102-2016
English Name
Safety regulation for design of nuclear power plant
Chinese Name
核动力厂设计安全规定
Chinese Classification
Professional Classification
HAD
ICS Classification
Issued by
National Nuclear Safety Administration
Issued on
2016-10-26
Implemented on
2016-10-26
Status
valid
Superseded by
Superseded on
Abolished on
Superseding
Language
English
File Format
PDF
Word Count
25000 words
Price(USD)
750.0
Keywords
HAF 102-2016, HAF/T 102-2016, HAFT 102-2016, HAF102-2016, HAF 102, HAF102, HAF/T102-2016, HAF/T 102, HAF/T102, HAFT102-2016, HAFT 102, HAFT102
Introduction of HAF 102-2016
Safety specifications for design of nuclear power plant
(Revised in 2016, approved and issued by the National Nuclear Safety Administration on October 26, 2016)
1 Introduction
1.1 Purpose
In order to realize the safe operation of nuclear power plants and prevent or mitigate the consequences of events that may endanger safety, this document specifies the design of structures, systems and components that are important for the safety of nuclear power plants, and the requirements that must be met by regulations and organizational processes.
This document is applicable to the analysis, verification and examination, technical support and nuclear safety supervision in the design, construction, operation and decommissioning stages of nuclear power plants.
1.2 Scope
1.2.1 This document specifies the requirements of comprehensive safety evaluation to determine the potential hazards that may arise in various operating conditions and accident conditions of nuclear power plants. The safety evaluation process involves two complementary technologies, i.e. deterministic safety analysis and probabilistic safety analysis. Various postulated initiating events must be considered in the analysis, including many factors that may affect safety individually or in combination. These events are of the following types:
(1) event originated from the operation of nuclear power plant;
(2) event caused by personnel behaviors;
(3) event directly related to the nuclear power plant and its environment.
1.2.2 This document does not involve general industrial safety which is extremely unlikely to affect nuclear safety and non-radioactive impact caused by the operation of nuclear power plant.
1.2.3 The nuclear power plant referred to hereof mainly refers to the onshore stationary nuclear power plant with water-cooled reactor, which is designed for power generation or other heating applications (such as centralized heating or seawater desalination).
1.2.4 The design of reactors of other types or adopting innovative technologies may refer to this document, but shall be subjected to careful evaluation and judgment.
2 Safety objective and defense in depth concept
2.1 Safety objectives
2.1.1 The basic safety objective is to establish and maintain effective defense against radioactive hazards in nuclear power plant so as to protect the people and environment from such hazards.
2.1.2 The following measures must be taken to achieve the basic safety objective:
(1) control the radiation exposure to personnel and the release of radioactive materials to the environment during operation;
(2) limit the possibility of events causing the reactor core, spent fuel, radioactive waste or any other radiation source of the nuclear power plant to get out of control;
(3) mitigate the consequences of the above events (if any).
2.1.3 The basic safety objective is applicable to all activities of nuclear power plants, including planning, site selection, design, manufacturing, construction, debugging, operation and decommissioning, as well as transportation of radioactive materials, management of spent fuel and radioactive waste, etc.
2.2 Radiation protection design
2.2.1 In order to achieve the basic safety objective, the radiation protection design must ensure that the radiation exposure in the nuclear power plant or the radiation exposure caused by any planned emission of radioactive materials from the nuclear power plant is lower than the specified limit value under all operating conditions, and may be as low as reasonably possible. At the same time, measures shall be taken to mitigate the radioactive consequences of any accident.
2.2.2 In order to achieve the basic safety objective, the radiation protection design must make all radiation sources of nuclear power plants under the control of strict technical and management measures. However, it neither rules out the limited exposure to personnel, nor the emission of radioactive materials permitted by laws and regulations from operating nuclear power plants to the environment. The above radiation and emission must be strictly controlled, meet the operating limits and radiation protection standards, and be as low as reasonably possible.
2.3 Safety design
2.3.1 The safety design must:
(1) prevent accidents with harmful consequences caused by out-of-control of the reactor core or other radiation sources, and mitigate the consequences in case of any accident;
(2) ensure that the radioactive consequences of all accidents considered in the design are lower than the relevant limits, and keep them as low as reasonably possible;
(3) ensure that the possibility of accidents with serious radioactive consequences is extremely low, and minimize the radioactive consequences of such accidents as much as possible.
2.3.2 To prove that the basic safety objective has been achieved in the design of nuclear power plant, the design must be subjected to comprehensive safety evaluation, so as to determine all sources of radiation exposure, and to assess the radiation dose to the nuclear power plant staff and the public, as well as the possible impact on the environment. The following contents should be considered for such safety evaluation: (1) normal operation of nuclear power plant; (2) the performance of nuclear power plant in case of anticipated operation event; (3) accident conditions. It is necessary to confirm the design capability of resisting the postulated initiating events and accidents, verify the effectiveness of items important to safety, and determine the input of emergency plan on the basis of analysis.
2.3.3 Although measures have been taken to control the radiation exposure in all operating conditions to be as low as reasonably possible and to minimize the possibility of out-of-control accidents of radiation sources, there is still the possibility of accidents. Therefore, it is necessary to take measures to ensure the mitigation of radioactive consequences. Such measures include: safety facilities and safety systems, accident management regulations for nuclear power plants formulated by operation units, and off-site intervention measures formulated by relevant national and local departments.
2.3.4 For the safety design of nuclear power plants, practical measures must be taken to reduce the impact of nuclear and radiation accidents on human life, health and environment. The accident sequence of nuclear power plants that may lead to high radiation dose or massive radioactive release must be eliminated practically; it must be ensured that the accident sequence of high-frequency nuclear power plants has no or only minor potential radioactive consequences. The basic objective of safety design is to limit or even cancel off-site protective actions that technically reduce the radioactive consequences.
2.4 Defense in depth concept
2.4.1 The main means to prevent accidents in nuclear power plants and mitigate the consequences of accidents is to apply the defense in depth concept. This concept is implemented throughout all safety-related activities, involving the organization, personnel behavior or design of nuclear power plants under various powers and shutdown conditions, so as to ensure that these activities are under the defense of various independent measures at different levels. Even if a fault occurs, it will be detected, compensated or corrected by appropriate measures. The defense in depth is implemented throughout the design and operation to deal with various anticipated operation events and accidents caused by equipment fault or human factors in the plant, as well as the consequences caused by external events.
2.4.2 The defense in depth concept is mainly applied through the combination of a series of continuous and independent defense levels to prevent accidents from harming people and environment. If the defense at a certain level fails, that at the next level will provide protection. Independent effectiveness of each level of defense is an essential component of defense in depth.
(1) The purpose of the first level of defense is to prevent facility from deviating from normal operation and prevent fault of items important to safety. At this level, it is required to select the site of, design, build, maintain and operate nuclear power plants correctly and conservatively according to proper quality level and verified engineering practice. Therefore, great attention shall be paid to the selection of appropriate design codes and materials, and the quality of the manufacturing of components and construction and debugging of nuclear power plants shall be controlled. At this level, the design measures reducing the possibility of internal hazard are helpful to prevent accidents. Moreover, attention shall also be paid to the design, manufacturing, construction, in-service inspection, maintenance and test processes and procedures, as well as the good accessibility during these activities, the operation mode of the nuclear power plant, the utilization of operation experience, etc. The whole process is based on the detailed analysis that is to determine the operation and maintenance requirements of nuclear power plants and their quality management requirements.
(2) The purpose of the second level of defense is to test and control the facilities from deviating from normal operation, so as to prevent the anticipated operation events from escalating into accident conditions. Despite precautions, some postulated initiating events may still occur in nuclear power plants during their service life. At this level, it is required to set up specific systems and facilities in the design, confirm their effectiveness through safety analysis, and formulate operation regulations to prevent these initiating events or minimize their consequences as possible, so that the nuclear power plant can return to a safe state.
(3) The third level of defense is set up based on the assumption that although it is impossible, the escalation of some anticipated operation events or postulated initiating events may still not be prevented by the previous level of defense and they evolve into accidents. In the design of nuclear power plants, it is assumed that these accidents may occur. Therefore, inherent safety characteristics and (or) engineered safety features, safety systems and regulations must be adopted to prevent the radioactive release that causes damage to the reactor core or requires off-site intervention measures, and to make the nuclear power plant return to a safe state.
(4) The purpose of the fourth level of defense is to reduce the accident consequences caused by the failure of the third level of defense in depth. The fourth level of defense is realized by controlling the progress of accidents and mitigating the consequences of serious accidents. The safety objective hereof is to take limited protective actions in area and time in case of serious accidents, and to avoid or minimize off-site radioactive contamination. This requires that the sequence of events that may lead to early radioactive release or massive radioactive release be actually eliminated.
(5) The purpose of the fifth level, that is, the last level of defense, is to reduce the radioactive consequences of the potential radioactive release caused by accident conditions. At this level, it is required to provide appropriate emergency facilities and formulate emergency plans and procedures for on-site and off-site emergency response.
2.4.3 On the other hand, the application of defense in depth concept is to set up a series of physical barriers in the design, and adopt the combination of active and passive facilities and inherent safety characteristics, so that the physical barriers can effectively contain radioactive materials in specific areas. The quantity of physical barriers required depends on the initial source terms characterized by total radionuclide and isotopic composition, the effectiveness of a single barrier, possible internal and external hazards and the potential consequences of various failures.
3 Design safety management
3.1 Design safety management responsibilities
The operation units must ensure that the design submitted to the nuclear safety regulator under the State Council meets all applicable safety requirements. All organizations involved in important activities related to safety design of nuclear power plants, including design units, shall be responsible to ensure that top priority is given to safety matters.
3.2 Quality assurance
3.2.1 The quality assurance program describing the overall arrangement of management, implementation and evaluation of nuclear power plant design must be formulated and implemented. This program includes measures ensuring the design quality of each structure, system and component as well as the overall design quality of the nuclear power plant, including measures to identify and correct design defects, check design appropriateness and control design changes.
3.2.2 The design, including change, modification or safety improvement, must be carried out in accordance with the procedures determined by appropriate engineering codes and standards, must reflect applicable requirements and design basis, and must determine and control design interfaces.
3.2.3 Whether the design (including design means, design input and output) is appropriate or not must be verified and confirmed by individuals or groups not originally engaged in design. The verification, confirmation and approval shall be completed as soon as possible in the design and construction process, no later than the first loading of the nuclear power plant in any way.
3.3 Maintenance of safety and integrity of nuclear power plant design throughout the service life
3.3.1 The operation unit shall take full responsibility for safety. It must establish a formal system to ensure the safety and integrity of nuclear power plant design throughout its service life.
3.3.2 To facilitate the transfer of detailed design data such as safety analysis report, design manual and other design documents to the operation unit, a department responsible for the overall design process shall be set up as soon as possible, and a management process shall be formulated to be responsible for the design safety and integrity of the nuclear power plant within the management system of the operation unit.
3.3.3 The design of nuclear power plant may be shared by many organizations: engineering company, supplier of reactor and its auxiliary system, supplier of main equipment, designer of electrical system and supplier of other system important to the safety of nuclear power plants, etc. The operation unit must manage the design activities entrusted to external organizations.
3.3.4 The department fully responsible for the design process must ensure that the design of nuclear power plant meets the acceptance criteria in terms of safety, reliability and quality. These criteria shall meet the relevant laws, regulations, standards and codes. The work scope and responsibilities must be established and determined so as to:
(1) ensure that the design conforms to its objective and meets the requirements of protection and safety optimization, so as to keep the radiation risk as low as reasonably possible;
(2) ensure that the ways to continuously ensure the design safety include design verification, determining engineering codes, standards and requirements, adopting verified engineering practices, providing feedback on construction experience, approving important engineering documents, conducting safety evaluation and maintaining safety culture;
(3) ensure that the design data required for safe operation, maintenance (including appropriate test period) and modification shall be available; the previous operation experience and verified research results shall be properly considered for design data, which shall be maintained in the latest state by the operation unit;
(4) ensure to maintain the management of design requirements and state control;
(5) ensure to establish and control necessary interfaces between the responsible designer and the supplier involved in design;
(6) ensure that the operation unit needs to maintain necessary engineering professional data and scientific and technological data;
(7) ensure that all design changes have been reviewed, verified, documented and approved;
(8) ensure to maintain sufficient documents to facilitate the decommissioning of nuclear power plants in the future.
