REGDOC-2.4.4, Safety Analysis for Class IB Nuclear Facilities - Public Consultation

Consultation has concluded

Consultation on REGDOC-2.4.4, Safety Analysis for Class IB Nuclear Facilities is now closed. Thank you to everyone who submitted comments.

REGDOC-2.4.4, Safety Analysis for Class IB Nuclear Facilities sets out requirements and guidance for applicants and licensees to demonstrate the safety of a Class IB nuclear facility, including:

  • a safety analysis program (the managed process that governs conduct of a safety analysis)
  • conduct of a safety analysis (a systematic evaluation of the potential hazards)
  • safety analysis documents, records and reporting

This document is the first version of REGDOC‑2.4.4, Safety Analysis for Class IB Nuclear Facilities.

For additional information on safety analysis for the post-closure phase of a disposal facility, see REGDOC‑2.11.1, Waste Management, Volume III: Safety Case for Disposal of Radioactive Waste.

    Requirements

    The applicant or licensee shall classify events into one of the facility states: AOO, design-basis accident (DBA), beyond-design-basis accident (BDBA) and specific ranges within BDBA referred to as design extension conditions (DEC), or equivalent.

    The applicant or licensee shall ensure that the safety analysis examines the following facility states:

    • normal operational modes (including maintenance and shutdown)
    • AOO
    • DBA conditions
    • DEC

    For additional information on classification and ranges of events, refer to appendix C.

    Safety analysis assumptions depend on a number of factors:

    • the overall risk profile of the nuclear facility
    • the event being analyzed (AOO, DBA or DEC)
      • for AOO and DBA, use conservative assumptions (to demonstrate the effectiveness of the safety systems)
      • for DEC, use best-estimate approach and assumptions
    • state of knowledge of the event progression and consequences

    Requirements

    The applicant or licensee shall not credit systems that are not qualified to operate in a post-accident environment.

    To credit operator action, the applicant or licensee shall demonstrate that the following are in place:

    • clear, well-defined, validated and readily available operating procedures that identify the necessary actions
    • instrumentation at the control location to provide clear and unambiguous indications of the need for operator action
    • training for any person who may be expected to perform the operator actions

    Guidance

    After any indication of the need for operator action, the operator action credited in the safety analysis report should be delayed by:

    • at least 15 minutes at the control location
    • at least 30 minutes outside the control location

    These operator action times are for the start of the action. The applicant or licensee shall add additional time to include, as appropriate, dressing in protective equipment; accessing remote equipment; and transporting, connecting and operating temporary equipment. The operator action time credited in the safety analysis report (SAR) shall be justified.

    For more information on crediting systems important to safety, see REGDOC‑2.5.2, Design of Reactor Facilities: Nuclear Power Plants [7].

    A postulated initiating event (PIE) is not necessarily an accident itself. A PIE is the event that initiates a sequence that may lead to an AOO, a DBA, or a BDBA, depending on the additional failures that occur.

    The primary causes of PIEs may be credible equipment failures and operator errors, human-induced events or natural events.

    The safety analysis and design for the nuclear facility shall consider not only the facility itself but also the interfaces with other facilities and installations that may affect its safety. For more information, refer to IAEA SSR‑4, Safety of Nuclear Fuel Cycle Facilities [3].

    For additional information on types of PIEs and ranges of conditions, refer to appendix C.

    Requirements

    The applicant or licensee shall identify PIEs (both internally and externally initiated) that could lead to:

    • radiation exposure to workers or to the public
    • a release of significant amounts of nuclear substances
    • a release of hazardous substances (such as hazardous chemicals) associated with the nuclear substances

    The applicant or licensee shall describe the methods used to identify the PIEs.

    The applicant or licensee shall document and maintain the resulting list of PIEs. With input from technical specialists and experts in safety analysis, the applicant or licensee shall conduct a review of the list of PIEs:

    • initially, to determine that the list is comprehensive and that the events include:
      • all credible failures of the facility’s structures, systems and components (SSCs)
      • all credible human errors that could occur in any of the operating conditions of the facility
    • regularly, to confirm the relevance of the current list and revise it as necessary, given that relevant PIEs may change as the facility goes through different phases of its lifecycle (for example, as a result of aging effects)

    Requirements

    During the safety assessment, the applicant or licensee shall classify PIEs and event sequences upon identification, for the purpose of demonstrating that the acceptance criteria and the safety goals are met.

    Guidance

    The applicant or licensee should group PIEs with similar characteristics (in particular, those that make similar demands on the mitigating measures) into event groups. For the safety assessment, the applicant or licensee should identify bounding events from each event group.

    Safety assessment includes an evaluation of the risk associated with the hazards of a nuclear facility. The assessment can be quantitative, qualitative, or a mix of both (semi-quantitative).

    Requirements

    The applicant or licensee shall perform a deterministic safety analysis (that is, an assessment of the consequences) to identify the physical process occurring in the nuclear facility during an event and to assess the consequences. The applicant or licensee shall justify the assumptions and the actions of qualified mitigating measures (such as safety systems and operator actions) used in the deterministic analysis.

    When the deterministic analysis is quantitative, the applicant or licensee shall develop models of the physical processes to calculate the consequences of the event. The applicant or licensee shall validate the computational tools used to calculate the consequences.

    Requirements

    The applicant or licensee shall perform an assessment of likelihood to establish the likelihood that PIEs or event sequences will occur.

    Typically for Class IB nuclear facilities, the applicant or licensee performs a qualitative or semi-quantitative assessment of the likelihood of PIEs or event sequences using the methods described in section 4.4.3.

    For Class IB facilities:

    • deterministic safety analysis methods are published in IAEA SSG-5, Safety of Conversion Facilities and Uranium Enrichment Facilities [8] and IAEA SSG-6, Safety of Uranium Fuel Fabrication Facilities [9]
    • methods for assessment of likelihood are published in IAEA TECDOC No. 1267, Procedures for Conducting Probabilistic Safety Assessment for Non‑Reactor Nuclear Facilities [10]; numerous methods may be used, either in a quantitative or qualitative manner; some examples are:
      • hazard and operability studies (HAZOPs)
      • failure mode and effects analysis
      • fault tree / event tree analysis
      • operational feedback; for example, through the fuel incident notification and analysis system (FINAS) database and locally recorded events for each facility
      • what‑if technique
      • check lists (for example, ergonomics check lists)
      • master logic diagram

    Requirements

    The applicant or licensee shall use a safety assessment, or an equivalent methodology, to identify event sequences that may lead to an AOO, DBA, DEC or BDBA. For additional information, see IAEA SSR‑4, Safety of Nuclear Fuel Cycle Facilities [3].

    For each event sequence, the applicant or licensee shall identify the safety functions, the corresponding SSCs important to safety [4], and the administrative safety requirements that are used to implement the defence in depth concept.

    To be consistent with the safety analysis results, the applicant or licensee shall ensure that [3]:

    • SSCs important to safety are designed to withstand the effects of extreme loadings and environmental conditions (such as extremes of temperature, humidity, pressure and radiation levels) that may be encountered in operational states and in accident conditions
    • the required intervals for periodic testing and inspection of SSCs important to safety are defined
    • the codes and standards applicable to SSCs important to safety are identified, and their use is justified
    • the necessary levels of availability and reliability of SSCs important to safety, as established in the safety analysis, are attained

    In protecting against potential hazards, the applicant or licensee shall ensure that the following hierarchy of design and administrative measures is used to the extent practicable [3]:

    1. selection of the process (to eliminate the hazard)
    2. passive design features
    3. active design features
    4. administrative controls