Assessment of Internal Hazards

Similar documents
Review and Assessment of Engineering Factors

IAEA SAFETY STANDARDS for protecting people and the environment

IAEA SAFETY STANDARDS for protecting people and the environment

DESIGN OF REACTOR CONTAINMENT STRUCTURE AND SYSTEMS FOR NUCLEAR POWER PLANTS

Considerations for the Practical Application of the Safety Requirements for Nuclear Power Plant Design

FUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER F: CONTAINMENT AND SAFEGUARD SYSTEMS 7. CONTAINMENT HEAT REMOVAL SYSTEM (EVU [CHRS])

Safety Analysis: Event Classification

DESIGN OF REACTOR CONTAINMENT STRUCTURE AND SYSTEMS FOR NUCLEAR POWER PLANTS

DISTRIBUTION LIST. Preliminary Safety Report Chapter 19 Internal Hazards UK HPR1000 GDA. GNS Executive. GNS all staff. GNS and BRB all staff CGN EDF

Safety Classification of Structures, Systems and Components in Nuclear Power Plants

FUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER I: AUXILIARY SYSTEMS. A high-capacity EBA system [CSVS] [main purge]

Recent Research on Hazards PSA

Workshop Information IAEA Workshop

TITLE. Proposed new text Reason Accepted Accepted, but modified as follows

Assessing Combinations of Hazards in a Probabilistic Safety Analysis

STEP 3 INTERNAL HAZARDS ASSESSMENT OF THE EDF and AREVA UK EPR DIVISION 6 ASSESSMENT REPORT NO. AR 09/026-P

Periodic Survey of Fuel Installations on Ships other than Liquefied Gas Carriers utilizing gas or other low flash point fuels

SAFETY APPROACHES. The practical elimination approach of accident situations for water-cooled nuclear power reactors

Complementarity between Safety and Physical Protection in the Protection against Acts of Sabotage of Nuclear Facilities

Verification and validation of computer codes Exercise

EMERGENCY CORE COOLING SYSTEM SIMPLIFICATION

Preliminary Failure Mode and Effect Analysis for CH HCSB TBM

RULES PUBLICATION NO. 119/P

FUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER P: REFERENCE OPERATING CONDITION STUDIES (PCC)

Periodical surveys of cargo installations on ships carrying liquefied gases in bulk

The «practical elimination» approach for pressurized water reactors

The Nitrogen Threat. The simple answer to a serious problem. 1. Why nitrogen is a risky threat to our reactors? 2. Current strategies to deal with it.

UKEPR Issue 04

IEM on Severe Accident Management in the light of the accident at the Fukushima Daïchi NPP

Identification and Screening of Scenarios for LOPA. Ken First Dow Chemical Company Midland, MI

CONTENTS OF THE PCSR CHAPTER 1 - INTRODUCTION AND GENERAL DESCRIPTION

HEALTH AND SAFETY EXECUTIVE HM NUCLEAR INSTALLATIONS INSPECTORATE

How to reinforce the defence-indepth in NPP by taking into account natural hazards?

PASSENGER SHIPS Guidelines for preparation of Hull Structural Surveys

ONR GUIDE. Internal Hazards. Nuclear Safety Technical Assessment Guide. NS-TAST-GD-014 Revision 4

IC67 - Pre-Instructional Survey

Using LOPA for Other Applications

Installation of Ballast Water Management Systems

NUBIKI Nuclear Safety Research Institute, Budapest, Hungary

ASVAD THE SIMPLE ANSWER TO A SERIOUS PROBLEM. Automatic Safety Valve for Accumulator Depressurization. (p.p.)

Manual Actuated Boiler Blowdown Valves

Transient Analyses In Relief Systems

Inspection Credit for PWSCC Mitigation via Peening Surface Stress Improvement

PROCEDURES FOR REPAIRS TO ASME NV STAMPED PRESSURE RELIEF DEVICES OF NUCLEAR SAFETY RELATED PRESSURE RELIEF VALVES

HTR Systems and Components

Drum / cylinder handling

A new concept in the storage of liquefied chemical and petrochemical gases Zero leakage Zero fugitive emissions

DRAFT REGULATORY GUIDE DG-1074

Regulatory requirements with respect to Spent Fuel Pool Cooling

ANNEX AMENDMENTS TO THE INTERNATIONAL CODE FOR FIRE SAFETY SYSTEMS (FSS CODE) CHAPTER 15 INERT GAS SYSTEMS

Safety and efficiency go hand in hand at MVM Paks NPP

Severe Accident Management Programmes for Nuclear Power Plants

Safe management of industrial steam and hot water boilers A guide for owners, managers and supervisors of boilers, boiler houses and boiler plant

NEW IGC CODE AND IGF CODE

Leaks from Unit-3 PCV and steam release in a large amount

HIGH WIND PRA DEVELOPMENT AND LESSONS LEARNED FROM IMPLEMENTATION Artur Mironenko and Nicholas Lovelace

MAHB. INSPECTION Process Hazard Analysis

RULES FOR THE CONSTRUCTION AND CLASSIFICATION OF MOBILE OFFSHORE DRILLING UNITS TITLE MOBILE OFFSHORE DRILLING UNITS SECTION 6 PIPING CHAPTERS SCOPE

Extensive Damage Mitigation Guidelines (EDMG)

S1, S2, S3, S5, S6, S7, S8, S12 and S13 Separators Installation and Maintenance Instructions

An Improved Modeling Method for ISLOCA for RI-ISI and Other Risk Informed Applications

QUANTIFYING THE TOLERABILITY OF POTENTIAL IGNITION SOURCES FROM UNCERTIFIED MECHANICAL EQUIPMENT INSTALLED IN HAZARDOUS AREAS

General Duty Clause. Section 112(r)(1) of CAA. Chris Rascher, EPA Region 1

Improving Accuracy of Frequency Estimation of Major Vapor Cloud Explosions for Evaluating Control Room Location through Quantitative Risk Assessment

Safety Standards. of the Nuclear Safety Standards Commission (KTA)

Per Section I of the ASME

MDEP Common Position No AP

Probabilistic safety assessment of fire hazards

OIL SUPPLY SYSTEMS ABOVE 45kW OUTPUT 4.1 Oil Supply

TEPCO s Safety Assurance Philosophy on Nuclear Power Generation Plants

Challenges in Relief Design for Pilot Plants

DETERMINATION OF SAFETY REQUIREMENTS FOR SAFETY- RELATED PROTECTION AND CONTROL SYSTEMS - IEC 61508

Introduction to Emergency Response & Contingency Planning

Release: 1. UEPOPL002A Licence to operate a reciprocating steam engine

Title: Pressure Relieving and Venting Devices Function: Ecology & Safety No.: BC Page: 1 of 7 Reviewed: 6/30/12 Effective: 7/1/12 (Rev.

FUNDAMENTAL SAFETY OVERVIEW VOLUME 2: DESIGN AND SAFETY CHAPTER I: AUXILIARY SYSTEMS 2. VOLUME AND CHEMICAL CONTROL (RCV [CVCS])

Safety in Petroleum Industry

Every things under control High-Integrity Pressure Protection System (HIPPS)

IAEA Headquarters in Vienna, Austria 6 to 9 June 2017 Ref No.: CN-251. Ivica Bašić, Ivan Vrbanić APoSS d.o.o.

FV Flash Vessel Installation and Maintenance Instructions

AP1000 European 19. Probabilistic Risk Assessment Design Control Document

Safety Standards. of the Nuclear Safety Standards Commission (KTA)

DCV10 Stainless Steel Disc Check Valve for use with Condensate Pumps

UKEPR Issue 05

SAFETY MANUAL PURGING, VENTING & DRAINING PROCEDURE TABLE OF CONTENTS 1. INTRODUCTION SCOPE DEFINITIONS PROCEDURE...

Abstract. 1 Introduction

Pressure Equipment Directive PED 2014/68/EU Commission's Working Group "Pressure"

Impact on People. A minor injury with no permanent health damage

Technical Standards and Legislation: Risk Based Inspection. Presenter: Pierre Swart

REGULATORY OBSERVATION

INTERNATIONAL ASSOCIATION OF CLASSIFICATION SOCIETIES. Interpretations of the. IGF Code

HM and HM34 Inverted Bucket Steam Traps Installation and Maintenance Instructions

2 FUSION FITTINGS FOR USE WITH POLYETHYLENE PRESSURE PIPES DESIGN FOR DYNAMIC STRESSES

NZQA unit standard version 3 Page 1 of 8. Manage the mine ventilation system at an extractive site

Spiratec ST14, ST16 and ST17 Sensor Chambers and sensors

PIP PNE00012 Piping Examination and Leak Test Guide

SENSITIVITY ANALYSIS OF THE FIRST CIRCUIT OF COLD CHANNEL PIPELINE RUPTURE SIZE FOR WWER 440/270 REACTOR

DF1 and DF2 Diffusers

22. Specialty Valves.

Pressure Equipment Directive PED 2014/68/EU Commission's Working Group "Pressure"

Transcription:

Joint ICTP- Essential Knowledge Workshop on Deterministic Safety Analysis and Engineering Aspects Important to Safety Trieste, 12-23 October 2015 Assessment of Internal Hazards Javier Yllera Department of Nuclear Safety and Security Division of Nuclear Installation Safety International Atomic Energy Agency

OUTLINE 1. Definitions of Internal and External Hazards 2. Importance of Internal Hazards 3. Applicable Safety STANDARDS 4. General approach for design and assessment 5. Examples of Application (Pipe break-flooding) 6. Discussion

Internal & External Hazards Definitions No definition in the Safety Glossary for internal or external hazards. Definition for external event: Events unconnected with the operation of a facility or the conduct of an activity that could have an effect on the safety of the facility or activity. Typical examples of external events for nuclear facilities include earthquakes, tornadoes, tsunamis and aircraft crashes. An internal fire ( a fire inside the plant) could be considered as an external event. The terminology is not clear SSR 2/1 includes design requirements against internal and external hazards 3

Internal & External Hazards Definitions The hazard describes the circumstances that may lead to an event, e.g. the presence of combustible material may lead to a fire. The hazard may or not exist The event may occur or not occur In this context hazards and events are used often as synonymous in SSs and other publications Hazard (seismicity) Internal/external Event (earthquake, tsunami) Internal/External Hazards or Events

Internal Hazards Internal hazards originate from sources located on the site of the nuclear power plant, both inside and outside of plant buildings. Sources may or not be part of the process equipment. Examples of internal hazards include: Internal fires Pipe whip Internal floods Turbine missiles Drop of heavy loads On-site explosions 5

External Hazards External hazards originate from sources located outside of the site of the nuclear power plant. Examples of external hazards include: Seismic hazards High winds and wind-induced missiles External floods Other severe weather phenomena (e.g., tornados) Off-site transportation accidents Off-site explosions Releases of toxic chemicals from off-site storage facilities External fires (e.g. fires affecting the site and originating from nearby forest fires) Effects of volcanism (lava flows, ashes, etc. ) 6

Importance of Internal and External Hazards Internal and external hazards have the potential to induce an initiating event and to cause damage to several or many plant equipment or affect plant operation (and even outside emergency response) The Internal or the External Hazard is not an initiating event The design should be such that: the frequency of the hazards is minimized (when possible) Plant operators and sufficient equipment to operate the plant and bring it to a safe and durable state is not affected by the hazards. Hazard (seismicity) Internal/external Event (earthquake, tsunami) Postulated IE (loss of offsite power) + damages Internal/External Hazards or Events 7

SAFETY STANDARDS / Requirements Requirement 17: All foreseeable internal hazards and external hazards, including the potential for human induced events directly or indirectly to affect the safety of the nuclear power plant, shall be identified and their effects shall be evaluated. Hazards shall be considered for the determination of postulated initiating events and generated loadings for use in the design of relevant items important to safety for the plant.

SAFETY STANDARDS / Requirements Item 17: The design shall take due account of internal hazards such as fire, explosion, flooding, missile generation, collapse of structures and falling objects, pipe whip, jet impact, and release of fluid from failed systems or from other installations on the site. Appropriate features for prevention and mitigation shall be provided to ensure that safety is not compromised

SAFETY STANDARDS / Guidelines Guidelines are intended to supplement Requirement documents by providing guidance on how to fulfil the shall requirements

GENERAL APPROACH Defence in Depth Approach: Implementation of consecutive layers of protection Prevention on the internal hazard from occurring. Reducing frequency and magnitude Early detection and suppression of the internal hazard. Limiting the impact and propagation of the hazard on the plant. Avoiding secondary hazards. Mitigation of the consequences on the plant. Safe shutdown of the plant after the internal hazard

GENERAL APPROACH Prevention of Hazards Very few hazards may be eliminated Physically impossible or by very high quality of design, e.g. no load drop if there is no lifting equipment / 2A pipe break for pipes designed as Leak before break. Frequency can be reduced however by appropriate design and operation provisions. e.g. Occurrences of a load drop can be minimized by lifting the heavy loads with cranes of a high reliability Occurrences of fires can be minimized by reducing the fire load in a room, controlling the use of transient fuels, etc. Regular inspection of piping and vessels.

Early detection and suppression of the internal hazard. When possible early detection and suppression reduces the likelihood of an internal hazards of a sufficient magnitude to cause damage, or limits the extension of the damage Examples: Fire detection and extinguishing Flood detection and isolation Detection and suppression can be automatic or manual Direct automatic detection (fire detectors, flood detectors) Indirect detection: Automatic: system alarms, equipment malfunctioning originated by the hazards Manual detection: human presence, plant walkdown Automatic suppression: Fire extinguishing systems, flood isolation, etc. triggered by automatic detection Manual suppression: remote or local human intervention GENERAL APPROACH

GENERAL APPROACH Limiting the impact and propagation of the hazard on the plant. Limiting the impact: Adequate plant layout. Adequate protection features for the equipment Prevention of PIEs to the extent possible. AOOs should be prevented, but is not always possible. Internal/external hazards should not or very rarely lead to accidents. Prevention of damage to safety significant equipment (protection, qualification). Physical separation of safety divisions by barriers with adequate resistance to the hazards to the extent possible. Confinement of the effects of the fire to limited areas of the plant Prevention of secondary hazards, e.g. pipe break leading to flooding can cause also pipe whip damages, water impingement, etc. Load drop can cause pipe break and flooding, etc.

GENERAL APPROACH Mitigation of the hazard consequences. Plant safe shutdown After the internal hazard is controlled, sufficient plant equipment should remain operable for the safe and durable shutdown of the plant. External hazards (e.g. earthquakes) can challenge equipment of different safety divisions, but the design of the equipment (e.g. design of seismic equipment category I) can prevent its failure. A safety system can remain fully functional For internal hazards, e.g. internal fire, the failure of one division may be unavoidable, e.g. fire originated in the room of division I. Hence, single failure criterion may not be longer met. Random failures need to be taken into account in the safe shutdown analysis. Safe shutdown analysis identifies the set of systems and minimal number of division that cannot be affected by the hazard for accomplishing the fundamental safety function and shutdown the plant safely.

GENERAL APPROACH PIE generated by internal hazards An internal/external hazard should not lead to an initiating event for which the plant is not designed Identification of PIEs must be thorough and consider potential effects of internal/external hazards. Analysis of plant response to PIEs is mainly made by modeling the plant response running qualified codes, demonstrating compliance with acceptance criteria (with conservatism), The operation of the systems credited in the PIE analysis shall not be jeopardized by the secondary consequences of the internal hazard Systems and components to be protected from the effects of the internal hazard are those required for its mitigation of the PIEs that can be originated, i.e. the systems required to operate the plant to a safe and durable state.

GENERAL APPROACH Is the plant safe enough? It is often not possible or impractical to prevent that an internal/external hazards doesn t lead to an AOO. The operator may even trigger it. Hazards initiating an accident condition should be prevented to the extent possible by design. If not, the frequency of occurrence shall be consistent with the severity of the consequences according to the principle the higher the consequences the lower the probability (e.g. prevention of equipment failure should be ALARP) Shutting down and bringing the reactor to the normal cold shutdown after any hazard shall be possible (e.g. in case of a fire, flood, heavy load drop)

GENERAL APPROACH Consideration of hazards is of first importance in the layout of the plant buildings and its structures, systems and components. When the layout is not optimal or cannot sufficient to prevent the impact of a hazard on multiple equipment, other type of protections are necessary. Each hazard requires specific types of protection The total failure of a system important to safety designed to accomplish one of the three main safety functions (reactivity control, decay heat removal from the core or the spent fuel, confinement of radioactive materials) is not acceptable, even if the system important to safety is not required following the hazard.

SAFETY STANDARDS Guidance for design against internal hazards Provisions in the layout: To the extent possible, for new plants, the safety divisions are installed in separate safety buildings with the objective to limit the effects to the concerned division. Structures of these buildings that are necessary to prevent the spreading of the hazard should be designed to withstand the loads caused by the internal hazard. Propagation of internal hazard consequences through divisional interconnections should be prevented by minimizing their number and providing isolation or decoupling means.

SAFETY STANDARDS Guidance for design against internal hazards Provisions in the layout: Where the safety divisions are routed in a same building (e.g. inside reactor building), the layout of equipment shall be based as far as possible on the principle of physical separation in order to prevent the worsening of the initial event and to avoid common cause failures among redundancies.

SAFETY STANDARDS Guidance for design against internal hazards Protection of the SSCs important to safety Generally, most of SSCs can not be and are not designed to withstand the loads caused by the hazard, but SSCs important to safety can be protected from the effects of some hazards by an appropriate layout (e.g. by distance) or by local design provisions (e.g. In PWR the inner containment is protected from the missiles by a barrier). Qualification to harsh ambient conditions is required to protect SSCs important to safety when all redundant items are simultaneously exposed to the global effects of effect of a high energy pipe break.

SAFETY STANDARDS Guidance for design against internal hazards Limitation of the effects Secondary effects should be avoided by stopping the cascading effect (domino effect) as much as possible, e.g. in the event of a high energy pipe break, structures supporting heavy items might be modified to withstand the loads cause by the jet effects if its failure results in further damages. A hazard shall not be a CCF for all the divisions of a same system. This layout requirement is generally fulfilled by a physical separation between divisions or redundant items.

SAFETY STANDARDS Guidance for design against internal hazards Mitigation of the effects For some hazards a mitigation of the consequence can be possible by crediting some automatic actions (e.g. fire extinguishing system, closing valves or starting pumps in the event of a flooding). Generally for new designs, this not credited (confinement principle) For hazards resulting in a PIE, the failures caused by the hazard need to be within the envelop considered in modeling of the plant response to the PIE. The internal hazard cannot lead to an initiating event that is not postulated in the design

Hazards analyses (deterministic and/or probabilistic) are required to demonstrate that the layout of the structures,systems, and individual components is adequate to limit the effects of hazards taking into account design provisions implemented for the protection of SSCs or the mitigation of the consequences. Analysis of generated PIEs and additional failures, proving that the radiological consequences are kept below the limits, are not jeopardized Operation of the reactor to a safe and durable state is possible A hazard can not be a CCF for the redundancies of the systems required for the mitigation of accidents Plant walkdowns are necessary or helpful to check the correctness. SAFETY STANDARDS Hazard analysis

EXAMPLE OF HAZARD: Pipe failure Pipe failure is a generic hazard and therefore the general approach discussed before is applicable. Specific effects and their consequences need to be considered and evaluated by applying proven rules and methodologies (e.g. US NRC BTP 3-4). SSCs to be protected are derived from the approach described before Possible PIEs systems required for the mitigation of the PIE should not be failed by the hazard No secondary failures which would significantly aggravate the PIE All the 3 main safety functions can still be accomplished.

EXAMPLE OF HAZARD: Pipe failures and their consequences Pipe failures to be postulated Depending on the characteristics of the pipe (energy, diameter, stress values, fatigue factors, quality): For low energy pipes: leaks only, For high energy pipes, except for those qualified break preclusion/ leak before break: a circumferential rupture and if relevant a longitudinal through wall crack. Locations and effects to be considered depend on the energy and size.

EXAMPLE OF HAZARD: Pipe failures and their consequences Break location Generally, in a deterministic approach, breaks are postulated to occur : For piping of DN less than 50 mm, or for piping supplied without nuclear quality grade : at any location For piping supplied with a nuclear quality grade At the terminal ends ( fixed points or connections to a large component) and At intermediate locations, in high stress areas where stress criteria given by the manufacturing codes are exceeded. The stresses shall be calculated using equations given by the design/manufacturing code selected for the design and manufacturing of the piping.

EXAMPLE OF HAZARD: Pipe failures and their consequences Effects to be considered: 1. Pipe whip Pipe whip are considered at circumferential welds and in case of a 2A break. The direction of the pipe whip is considered to identify the potential targets surrounding the broken pipe. The effects on the identified targets (to stop cascading failures the targets are not restricted to items important to safety) should be evaluated by performing dynamic analysis. As such an analysis is very sophisticated, others simplified but proven engineering practices can be used if judged as conservative. E.g :Impacted target pipes of a DN equal to or larger than the impacting pipe need not be assumed to loose their integrity Impact of a whipping pipe onto a pipe of similar design but smaller DN than that of the impacting pipe results in a break to the impacted pipe.

EXAMPLE OF HAZARD: Pipe failures and their consequences 2. Jet impingement forces A same approach than that used for the pipe whip forces applies: the shape and the orientation of the jet are defined to identify the targets. Simplified but proven engineering practices are generally applied and dynamic and sophisticated analyses are used, if needed, to better assess the damages to a component or structure. Proven methodologies are documented in the public literature, and distances up to jet effects should be considered are generally supported by tests. The damages caused by the jet impingement forces onto insulation materials are of particular importance in the LOCA analysis.

EXAMPLE OF HAZARD: Pipe failures and their consequences 3. Reaction forces Reaction forces are the counteracting forces caused by the fluid escaping via the break and / or caused by the fluid pressure at the break and acting on the break cross section. Reaction forces are taken into consideration for the design of equipment supports, support anchors and the associated building structures. These forces are dynamic forces but their effects may be evaluated by applying a static model (2pA)

EXAMPLE OF HAZARD: Pipe failures and their consequences 4. Pressure wave forces, flow forces Safety classified components and their internal equipment (e.g. RPV internals, steam generator tubes) are designed to withstand flow forces resulting from postulated leaks and breaks. In the case of transient blowdown conditions, the effects of pressure wave forces, including possible water hammer effects, should be taken into consideration. Pressure wave forces (de-pressurization wave forces) are forces which act on piping sections between two bends and which occur from the blowdown compression wave transferred through the fluid from the break. The effects on the structures are modeled using 3D dynamic codes

EXAMPLE OF HAZARD: Pipe failures and their consequences 5. Pressure build-up and differential pressure forces In the event of a leak or break in a high energy line with a temperature 100 C or a gas line, mass and energy released could result in a significant global pressure built up in the building. The pressure and temperature build up are calculated by using thermohydraulic codes. During the blow down transient, differential pressures may occur due to some flow restrictions causing additional loads on the structures in the safety classified buildings.

EXAMPLE OF HAZARD: Pipe failures and their consequences 6. Humidity, temperature, radiation Humidity, temperature and radiation doses are also effects to be considered following a high energy pipe break. Each of these effects could prevent the normal operation of equipment required for the mitigation if this equipment was not qualified to operate under conditions prevailing before and during its mission time. 7. Flooding Flooding resulting from a pipe break is analysed in the frame of the flooding hazard analysis. The release of fluid cannot be prevented. The extent of the flooding depends on building characteristics, amount and rate of water released, etc.

EXAMPLE OF HAZARD: Pipe failures and their consequences What effects to be considered In principle all effects stated in are considered for high energy pipe leaks and breaks. Nevertheless: ü Pipe whip is considered for 2A pipe break only, ü Dynamic forces are considered for breaks only. For leaks, it is more realistic to consider continuous pressure drop, ü For piping of DN less than 50 mm all the effects may not be considered, ü Pressure and temperature built up are only considered for or piping with a temperature 100 C, or gas lines for pressure built up only. For low energy pipe, less effects are relevant, and flooding is generally the consequence of the most interest. High energy pipe breaks analyses are complex analyses with multiples consequences on the plant design

FLOODING Release of water/steam through pipe opening (maintenance errors) or pipe/tank break Sensitive equipment (e.g. electrical equipment) damaged by submersion, water spray, etc. A PIE is possibly caused. Structural damage could occur by sufficient accumulation of water on some structures. Propagation by gravity through any paths covered by the water, including door gaps, defective or unqualified seals, and drainage, ventilation ducts, etc. Possible PIE or further damages caused.

FLOOING Flood detectors available in some rooms. Detectors on building sumps? Floods may be automatically detected, but very rarely automatically isolated The flooding source can be a system affecting plant operation, possibly triggering a PIE or an auxiliary system not connected to the process, e.g. fire protection system Flood propagation is calculated by hydrodynamic models involving a source, several compartments and propagation paths. Floods may also affect human performance

SOME EXAMPLES OF FLOOD EVENTS EXAMPLE TURBINE BUILDING FLOOD EVENTS NO. PLANT EVENT DESCRIPTION SEVERITY 1 Duane Total of 123000 gal accumulated in Turbine Unknown Arnold Building due to tank overflow caused by (123000 gal valve malfunction. total spill) 2 Quad Valve closed inadvertently and water hammer Very large Cities rupture expansion joint. Spill (150000 gal) 3 Oconee 3 During maintenance solenoid failure caused Large Spill condenser outlet valve to open while water (60000 gpm) box manways were removed. 4 Crystal Seawater inlet block valve was opened due to Large Spill River solenoid failure causing seawater to accumulate (65000 gpm) in Turbine Building. 5 Peach Vent valve on condenser waterbox inadvertently Large Spill Bottom left open following maintenance. Operators ignored high sump alarm. 6-8 ft of water in pump room.

SOME EXAMPLE OF FLOOD EVENTS (Cont.) AUXILIARY BUILDING FLOODING EVENTS NPP Event Description Severity 1 Browns Supply line to condensate ring header Severe Ferry 3 failed at welded joint, resulting in flood spillage of 80,000 gal on condensate from onto core spray pump room floor. ECCS Probable cause was weld fatigue caused by line movement during repeated pump starts. 2 Brunswick 1 Rupture of flange gasket on RHR SW heat Severe exchanger outlet valve resulted in water accumulation which damaged pump and valves. flood from SW system 3 Brunswick 1 Water accumulated in HPCI pump room, Smal producing backflow through sump drain system, and HPCI turbine tripped due to shorted oil pump. 4 Dresden 2 River water spilled from disassembled Severe

FLOODING ANALYSIS 1. Plant Information Collection and Plant Walkdowns 2. Identification of Flood Sources in Plant Compartments 4. Flood Frequency Evaluation 3. Identification of Flood Scenarios (equipment damage and flood propagation paths) 5. SCREENING qualitative quantitative 6. Detailed Analysis and Verification Walkdown 7. Risk Calculation & Analysis of Results

STEPS OF INTERNAL FLOOD ANALYSIS Plant information collection and plant walkdowns: Information collected from plant documentation on: Flood sources Flood mitigation Flood barriers Plant connections and penetrations ú Collection of data on connections and penetrations between plant compartments may require a significant effort (in case such information is not readily available) Walkdowns of the plant are very important to verify actual conditions

STEPS OF INTERNAL FLOOD ANALYSIS (Cont.) Identification of flooding sources: e.g., ruptures in water systems (service water, fire water, etc.) location and total volume of potential flood sources Identification of flooding zones: location of flood compartment boundaries/barriers drains connections to other compartments location of flood susceptible equipment

STEPS OF INTERNAL FLOOD ANALYSIS (Cont.) Analysis of flooding scenarios For each water source, the propagation of water from the break is analyzed and equipment damaged determined Area 1 Door Area 2 Q i (source) External Area sump pump Area 4 Drainage Area 3

Thank you for your attention 43

2024 © sportdocbox.com Privacy Policy | Terms of Service | Feedback