KAERI

FUTURE CANDU NUCLEAR POWER PLANT DESIGN REQUIREMENT DOCUMENT
(Executive Summary)

March 1996

To the President of the Korea Atomic Energy Research Institute:
This report is submitted as a technical report.

Technical management field
Ulchin Units 5 and 6

S.A. Usmani (AECL, Toronto)
석수동 (person in charge of the Future CANDU development field)
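SUMMARY
The Future CANDU Plant Design Requirements Document (Summary) gives a clear and complete statement of utility requirements for next-generation CANDU-type power plants, including those in Korea. The stated requirements are based on proven technology drawn from pressurized heavy water reactor experience and are intended to be consistent with the design requirements specified in current requirement documents worldwide. Furthermore, this integrated design requirements document incorporates utility input to the greatest extent currently possible and assures a simple, robust and more forgiving design in order to enhance performance and safety.
The anticipated uses of this Future CANDU design requirements document are as follows.
- Provide a basis for in-depth discussion with utilities interested in CANDU-type plants, such as KEPCO, in order to facilitate the establishment of utility-side requirements;
- Establish a regulatory basis for future CANDU-type plants, including those in Korea, by addressing licensing issues and providing high licensability;
- Provide technical requirements to be used in a bid package for final detailed design, licensing, and construction, and provide a basis for strong investor confidence that the risk associated with the initial investment to complete and operate the Future CANDU is minimal.
This design requirements document covers the entire plant, including the nuclear steam supply system and the balance-of-plant systems, up to the interface with the grid at the distribution side of the circuit breakers which connect the switchyard to the transmission lines. It also includes the requirements for processing low-level radioactive waste within the plant and the spent fuel storage requirements; off-site waste disposal is not addressed in this document.
The summary volume summarizes the policy statements and the top-tier design requirements. The policy statements present the utility position on key aspects of design, development, and program implementation. The top-tier design requirements are the key elements in achieving the objectives of Future CANDU plants in Korea and confirm that they remain a competitive nuclear power plant option in the 1990s and beyond.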
ABSTRACT
The Future CANDU Requirements Document (FCRED) describes a
clear and complete statement of utility requirements for the next generation of
CANDU nuclear power plants including those in Korea. The requirements are
based on proven technology of PHWR experience and are intended to be
consistent with those specified in the current international requirement
documents. Furthermore, this integrated set of design requirements
incorporates utility input to the extent currently available and assures a simple,
robust and more forgiving design that enhances performance and safety.
The anticipated uses of the FCRED are as follows:
• Provide a basis for further discussion with the interested CANDU client such as KEPCO to facilitate establishment of client-specific requirements.
• Establish a regulatory basis for Future CANDUs including those in Korea
which includes addressing of licensing issues and which provides high
assurance of licensability.
• Provide technical requirements for use in a bid package for eventual detailed
design, licensing and construction, and which provide a basis for strong
investor confidence that the risks associated with initial investment to
complete and operate the future CANDU plant remain minimal.
The FCRED addresses the entire plant, including the nuclear steam
supply system and the balance of the plant, up to the interface with the
utility grid at the distribution side of the circuit breakers which connect the
switchyard to the transmission lines.
Requirements for processing of low level radioactive waste at the plant
site and spent fuel storage requirements are included in the FCRED. Off-site
waste disposal is beyond the scope of the FCRED.
The executive summary document summarizes policy statements and
top-tier design requirements. The policy statements provide utility positions on
key aspects of design, development, and program implementation. The top-tier
design requirements are the key elements in meeting the objectives of Future
CANDU units in Korea and to ensure a viable nuclear power generation
option for the 1990's and beyond.
TABLE OF CONTENTS
1. INTRODUCTION
1.1 Objective and Scope of the Future CANDU Requirement Document
1.1.1 Objective
1.1.2 Scope of the FCRED
1.2 Structure of the FCRED
1.2.1 Structure
1.2.2 Requirements/Rationale
2. POLICY STATEMENTS
2.1 Simplification
2.2 Design Margin
2.3 Human Factors
2.4 Safety Design
2.5 Design Basis Versus Safety Margin
2.6 Regulatory Stabilization
2.7 Plant Standardization
2.8 Proven Technology
2.9 Maintainability
2.10 Constructibility
2.11 Quality Assurance
2.12 Sabotage Protection
2.13 Good Neighbour
2.14 Economic Policy
3. TOP TIER DESIGN REQUIREMENTS
3.1 Top-Tier Safety Design Requirements
3.1.1 Accident Resistance
3.1.2 Core Damage Prevention
3.1.3 Mitigation
3.1.4 Supplementary Requirements
3.2 Top-Tier Performance Design Requirements
3.2.1 Plant Characteristics Requirements
3.2.2 Maneuvering and Transient Response Requirements
3.2.3 Reliability and Availability Requirements
3.2.4 Operability, Maintainability and Testing Requirements
3.2.5 Instrumentation and Control System Requirements
3.3 Top-Tier Constructibility Requirements
3.3.1 Construction Duration and Design Completion Requirements
3.3.2 Construction and Design Coordination Requirements
3.3.3 Advanced Construction Technology Requirements
3.3.4 Integrated Construction Planning and Scheduling Requirements
3.4 Top-Tier Design Process Requirements
3.4.1 Design Integration Requirements
3.4.2 Information Management System (IMS) Requirements
3.4.3 Engineering Verification of As-Built Conditions Requirements
4. SUMMARY OF TOP-TIER DESIGN REQUIREMENTS
TABLES
Table 2.1 Future CANDU Safety Foundation
Table 4.1 Summary of Top-Tier Requirements
ILLUSTRATIONS
Figure 1 FCRED Organization
LIST OF ABBREVIATIONS
FCRED   Future CANDU Requirements Document
NPP     Nuclear Power Plant
QA      Quality Assurance
HMIS    Human-Machine Interface System
LOCA    Loss of Coolant Accident
LOECC   Loss of Emergency Core Cooling
PRA     Probabilistic Risk Assessment
LDB     Licensing Design Basis
SMB     Safety Margin Basis
ROP     Regional Over Power
DBE     Design Basis Earthquake
IMS     Information Management System
1. INTRODUCTION
1.1 OBJECTIVE AND SCOPE OF THE FUTURE CANDU REQUIREMENT DOCUMENT
1.1.1 Objective
The objective of the Future CANDU Requirements Document (FCRED) is to present
a clear and complete statement of utility requirements for the next generation of CANDU
nuclear power plants including those in Korea. The requirements are based on proven
technology of PHWR experience and are intended to be consistent with those specified in the
current international requirement documents. Furthermore, this integrated set of design
requirements incorporates utility input to the extent currently available and assures a simple,
robust and more forgiving design that enhances performance and safety.
The anticipated uses of the FCRED are as follows:
• Provide a basis for further discussion with the interested CANDU client such as KEPCO to facilitate establishment of client-specific requirements.
• Establish a regulatory basis for Future CANDUs including those in Korea which includes addressing of licensing issues and which provides high assurance of licensability.
• Provide technical requirements for use in a bid package for eventual detailed design, licensing and construction, and which provide a basis for strong investor confidence that the risks associated with initial investment to complete and operate the future CANDU plant remain minimal.
1.1.2 Scope of the FCRED
The FCRED addresses the entire plant, including the nuclear steam supply system
and the balance of the plant, up to the interface with the utility grid at the distribution side
of the circuit breakers which connect the switchyard to the transmission lines.
Requirements for processing of low level radioactive waste at the plant site and
spent fuel storage requirements are included in the FCRED. Off-site waste disposal is beyond
the scope of the FCRED.
1.2 STRUCTURE OF THE FCRED
1.2.1 Structure
The structure of the FCRED is patterned after the format of the Korean Standard
NPP Design Requirement document K-SRED. The FCRED is divided into two volumes, an
executive summary of top-tier requirements and a complete set of overall design
requirements. An illustration of the structure of these two documents is provided in Figure 1.
The executive summary document summarizes policy statements and top-tier design
requirements. The policy statements provide utility positions on key aspects of design,
development, and program implementation. The top-tier design requirements are the key
elements in meeting the objectives of Future CANDU units in Korea and to ensure a viable
nuclear power generation option for the 1990's and beyond.
The overall design requirements contain common requirements which have application
to a number of plant systems.
Figure 1: FCRED Organization (blocks shown: Introduction and Policy Statements; Safety; Performance; Constructibility; Design Process; Common Requirements)
The specific technical requirements on systems are covered in various system
requirement documents, which are complementary to the executive summary and the overall
design requirement documents.
1.2.2 Requirements/Rationale
The summary of top-tier requirements includes a narrative text, which typically
states policy or necessary background. The narrative text should be carefully reviewed to
assure understanding of policy and the background.
The overall design requirements specified in the FCRED are organized in a format
which provides the rationale for each requirement. The rationale provides the basis for the
requirement and a clear understanding of the requirement and its intent to the users.
2. POLICY STATEMENTS
The policy statements are not design requirements by themselves, but are generalized
targets for a set of requirements. The policy statements included in this section are as
follows:
• Simplification
• Design Margin
• Human Factors
• Safety
• Design Basis Versus Safety Margin
• Regulatory Stabilization
• Plant Standardization
• Use of Proven Technology
• Maintainability
• Constructibility
• Quality Assurance
• Sabotage Protection
• Good Neighbour
• Economic Policy
2.1 SIMPLIFICATION
It is policy to emphasize simplicity in all aspects of plant design, construction, and
operation. Because of the fundamental importance of simplicity, future CANDU designs will
pursue simplification opportunities with high priority and will assign greater importance to
simplification in design decisions than has traditionally been done.
From the viewpoint of plant operation, plant simplification requirements include:
• Use of a minimum number and diversity of systems, valves, pumps, instruments, and other
mechanical and electrical equipment, consistent with the essential safety and functional
requirements;
• Provision of instrumentation and control which will simplify plant operation and reflect the
operator's needs and capabilities;
• Provision of system and component designs which minimize demands on the operator
during normal operation as well as transient and emergency conditions (e.g., minimizing
system realignments to accomplish safety functions, total segregation of safety and
non-safety functions unless justified);
• Provision of equipment design and layout which facilitate maintenance;
• Provision of simple protective logic and actuation systems;
• Use of standardized components to facilitate operations and maintenance;
• Provision of design and layout for ease of construction;
• Use of an integrated 3-dimensional CADDS plant model and advanced information and
communication system technology to facilitate achievement of above requirements.
Plant simplification will be specified as an integral part of the design process in
order to maximize overall simplicity in the face of sometimes competing objectives.
2.2 DESIGN MARGIN
It is policy that significant margins be designed into future CANDU units so as to
make it a more forgiving and rugged plant. Significant design margins are of fundamental
importance to nuclear plant safety and economics. Significant design margins will provide
benefit in the following ways:
• Provide designed-in capability to accommodate transients without causing initiation of
special safety systems;
• Provide the operator time to assess and deal with upset conditions with minimum potential
for damage;
• Provide margins to enhance system and component reliability and to minimize the potential
of exceeding limits (e.g., technical specifications) which might require derating or shutdown;
• Provide additional assurances that the plant life requirement of 60 years can be met.
The design margins policy implementation is expected to result in a design which
goes beyond regulatory requirements in various respects. It is policy that these margins be
maintained and be available to the plant operator and not be eroded by regulatory
requirements since this would result in unnecessarily stringent operating envelopes.
2.3 HUMAN FACTORS
This policy is to systematically include human factors considerations in the design of systems, facilities, equipment and procedures. All aspects of plant design for which there is an interface with plant personnel shall incorporate human factors considerations. Human factors driven design considerations shall be applied consistently plant-wide. This includes those aspects of the design which affect:
• Monitoring, control, and protection functions assigned to plant operators;
• Monitoring and diagnostic functions performed by plant engineers and managers during
normal, upset, and emergency conditions;
• Inspection, on-line and off-line surveillance testing, preventative maintenance, and corrective
maintenance functions assigned to maintenance personnel.
To implement this policy, it is essential that there be participation by qualified,
experienced operators and maintenance personnel and interaction of these personnel with
designers and human factors experts early in the design process. The design process shall
include techniques, such as mock-ups and simulators, to provide an environment in which
experienced operators and maintenance personnel can contribute to the design. Also, operating
experience from existing plants shall be reviewed and considered in order to minimize human
performance problems. Instrumentation and Control Systems shall employ modern technology.
In particular, the main control room shall utilize an advanced human factors engineering control
concept in which integrated electronic displays, alarms, procedures, and controls are available
to the operators.
2.4 SAFETY DESIGN
The safety design policy is that there shall be excellence in safety both to protect
the general public and to assure personnel safety and plant investment protection. The
primary emphasis is on accident prevention (which includes accident resistance and core
damage prevention); this approach is the best way to achieve plant owner investment
protection and to achieve improved overall safety. Emphasis is also placed on mitigation of
the consequence of potential accidents so that a balanced approach to safety is achieved.
This policy of excellence in safety is implemented through an integrated design
approach to safety which addresses the above mentioned three overlapping levels of
defense-in-depth, i.e., accident resistance, core damage prevention and mitigation, and which
uses a combination of a systematic plant review for accidents, analysis for their consequences
and is supplemented by a PRA.
Accident resistance will be designed in order to minimize the frequency and severity
of initiating events which could challenge safety. Policy implementation such as simplicity,
increased design margins (including increased time for operator response), and human factors
considerations will assure accident resistance.
Core damage prevention includes the systems and features which provide high confidence that if initiating events occur they will not progress to the point of core damage. The policy on core damage prevention is to provide investment protection for the Plant Owner.
Accident mitigation provision is to establish a challenging requirement on mitigation
and to provide conservative, rugged containment systems to meet this requirement and the
regulatory requirements.
2.5 DESIGN BASIS VERSUS SAFETY MARGIN
The Safety Policy above describes the integrated approach to safety with the three
overlapping levels of safety protection. Each of these levels of safety protection is divided
into a Licensing Design Basis and a Safety Margin Basis as depicted in Table 2.1. The
Licensing Design Basis (LDB) is the set of future CANDU safety design requirements which
are necessary to satisfy the regulatory requirements, including LDB transients and accident
events.
The required analyses will be done with conservative calculation methods and
assumptions and must meet mandated regulatory acceptance criteria. In the accident analysis,
the special safety systems must perform their required safety functions without credit for
active mitigation by the process systems.
The Safety Margin Basis (SMB) contains design requirements which provide margin beyond the minimum required by the Regulations, thereby providing additional safety assurance. The SMB requirements address investment protection and severe accident protection.
The increased investment protection addresses the utility desire to minimize financial
risk and also improves safety by improving accident prevention. The severe accident
protection incorporates the regulatory policy level guidance and provides increased assurance
of containment integrity and low leakage of radioactivity during a severe accident.
The LDB Evaluation Approach and the SMB Evaluation Approach are the methods, criteria and assumptions which are to be used by the Plant Designer in analyzing those portions of the future CANDU design which are required to meet the LDB and SMB, respectively. The main distinction between the LDB Evaluation Approach and the SMB Evaluation Approach is the fact that the former requires conservative design methods and acceptance criteria agreed to by the regulatory agency. The methods and criteria generally are subject to rigorous demonstration through peer review and testing. The SMB Evaluation Approach, on the other hand, is a best-estimate evaluation which, in the case of containment performance, for example, confirms the adequacy of the margin for severe accidents.
2.6 REGULATORY STABILIZATION
The regulatory stabilization policy is to achieve high assurance of licensability by
resolving open licensing issues, establishing acceptable severe accident provisions, and
achieving a design consistent with regulatory criteria. This policy is to be implemented
throughout the design and construction of the plant. The Plant Designer is required to
produce a design which is consistent with applicable regulations and regulatory guidance.
2.7 PLANT STANDARDIZATION
The future CANDU design recognizes the importance of standard designs.
Accordingly, design requirements which can form the technical foundation for standardized
detailed designs have been developed. Key plant features will be specified in sufficient detail in the FCRED to permit meaningful standardization.
2.8 PROVEN TECHNOLOGY
This policy is that successful, proven technology be employed throughout the plant,
including system and component designs, maintainability and operability features, and
construction techniques. The intent is to utilize the large experience base from operating
plants in order to minimize the risk to the plant owner, assure credibility and control of
schedules and costs, and ensure that a power plant prototype is not required.
Proven technology is defined as structures, systems, components, and design and analysis techniques with the same characteristics and materials, working conditions, and environments as those which have been successfully demonstrated, preferably through several years of operation in existing plants. In other areas the designer is to review existing data bases of PHWR operating experience to identify both positive experience as well as causes of significant events and unplanned outages, and to incorporate appropriate features in the plant design.
The proven technology policy encourages the use of advanced technology, especially in areas where there is a need to solve known problems or an opportunity for simplification, and where the advanced technology is proven. Assuring that advanced technologies are proven will typically require testing and/or proven successful use in other applicable industries.
2.9 MAINTAINABILITY
The maintainability policy is that the plant be designed from the outset to make the plant readily maintainable over its life. This includes providing standardization of components, designing equipment to minimize maintenance needs, designing to reduce occupational exposure, and designing to facilitate those maintenance needs which do exist. Such needs include activities to support inspection, test, repair, and replacement of equipment and systems over the plant life and assuring that adequate access, laydown space, tooling and services are provided as part of the basic plant design.
2.10 CONSTRUCTIBILITY
The specific, enforceable technical requirements in this area are to be included to
provide high assurance of success. Several such requirements are:
• Constructibility is to be explicitly considered in the design to enhance productivity and
assure known problems are addressed e.g., provide space and arrangement for construction
work and eliminate features which have caused major construction problems such as use of
unrealistic construction tolerances.
• Construction planning, erection, and installation activities shall maximize the use of
advanced techniques. Provisions for extensive modular construction shall be incorporated in
plant design at an early stage of design development. A schedule risk evaluation shall be
made for large, complex, modules to assess the potential effect on sequencing and fitup
with adjacent installations due to any possible delays.
• The overall schedule is to be developed jointly by the Constructor, Plant Designer, and
Startup Test organizations utilizing inputs from the principal suppliers and subcontractors.
Work progress shall be monitored and controlled so that corrective actions can be taken to
resolve problems and maintain the schedule milestones. The schedule shall be updated as
work progresses to realistically reflect the actual work status.
• Major design documents required for the first concrete placement shall be issued before
construction begins.
2.11 QUALITY ASSURANCE
The responsibility for quality design and construction work rests with the personnel
and management of the Plant Designer and Constructor organizations actually performing the
work. Further, an effective and adequate Quality Assurance (QA) Program will be established
and implemented to independently verify that the line organizations are performing work that
meets the defined QA requirements. The QA Program emphasis in audits and other QA
activities will be on performance (vs. being strictly compliance oriented).
2.12 SABOTAGE PROTECTION
Sabotage of nuclear power plants could potentially initiate events which challenge
safety systems or which prevent safety systems from operating. The sabotage protection
policy is to provide the following from inception of the design:
• A plant with built-in resistance to sabotage and reasonable capability to mitigate acts of
sabotage;
• Additional sabotage resistance through the plant security system;
• An overall design which integrates consideration of sabotage protection along with safety,
operability, and cost.
The built-in sabotage design features shall include physical separation of redundant
divisions and groups of safety systems. The plant security system shall include access
control and intrusion detection, a plant security organization, and plant operating procedures
and personnel practices which consider sabotage protection needs. The improved design is
achieved by requiring that the design of the plant security system be integrated with
finalizations of plant arrangement, safety system separation, and building structural design.
2.13 GOOD NEIGHBOUR
The good neighbour policy is that the plant be a good neighbour to its surrounding
environment and population. Substantial improvement in this regard shall be provided
compared to existing plants. To implement this policy, specific design requirements to limit
radioactive releases to the environment shall be defined.
It is also part of the good neighbour policy that the future CANDU unit be designed
to be an asset to the community in which it is located. This is to be provided through
requirements which provide a technical basis for safe and secure operation, favourable
economics and resulting cost of service compared to competing alternatives and non-intrusive
emergency planning.
2.14 ECONOMIC POLICY
The future CANDU NPP will be designed so that it has a significant economic
advantage compared with other power plant alternatives available in the same time frame.
The economic advantage is considered necessary in order to make the future CANDU NPP
attractive to prospective plant investors, given the perceived investment of a new nuclear
power plant. Implementing this policy necessitates that design requirements be specified
which will assure control of construction and operating costs. Therefore, great emphasis has
been placed on constructibility, simplicity, design margin, and other requirements which will
provide confidence that the construction schedule can be met, that licensing approval will be
obtained, that operating cost will be controlled, and that the plant design availability target
can be achieved.
Table 2.1
Future CANDU Safety Foundation

Licensing Design Basis (LDB)

Accident Resistance:
• Operating margins to meet regulatory requirements.
• In-service Inspection and Testing
• PHTS Integrity.

Core Damage Prevention:
• Safety systems to meet Regulatory Requirements;
  - Accident identified from systematic plant review, bounding cases chosen.
  - Prevent exceeding regulatory dose limits

Mitigation:
• Containment and associated system
  - LOCA Design Basis
  - Source Term (1)

Evaluation Approach:
• Conservative, established design methods (except for a small number of multiple failure events).
• Regulatory approved standards, and acceptance criteria.
• Special safety systems must perform their required functions without credit for active mitigation by the process systems.
• Conservative licensing analyses of LDB events.
• Meet licensing regulations and regulatory guidance (1).

Safety Margin Basis (SMB)

Accident Resistance:
• Increase Margin
• Simplicity
• System and Component Reliability

Core Damage Prevention:
• Safety system features for investment protection;
  - Realistic accident sequences (multiple failures) (2)
• Greatly improved MMIS

Mitigation:
• Containment performance during severe accident (3)
  - Margin beyond LOCA
  - Realistic Source Term

Evaluation Approach:
• Best-estimate evaluations of design margin and safety margin features.
• Utility specified margin and acceptance criteria.
• Credit for both safety-related and non safety-related equipment.
• Realistic severe accident evaluations supplemented by PRA.
• Meet regulatory severe accident policy (3).

1. Future CANDU will comply with TID 14844 CANDU equivalent source term requirements.
2. Treated in CANDU PRA.
3. The emphasis is on mitigating severe accident consequences through use of the moderator
and the shield tank as emergency heat sinks to reduce containment loading.
3. TOP TIER DESIGN REQUIREMENTS
This section contains a summary of the top level design requirements in a narrative
format. The requirements are broken down by function: safety, performance, constructibility,
and design process.
3.1 TOP-TIER SAFETY DESIGN REQUIREMENTS
Safety design requirements are consistent with the three levels of safety protection for
the future CANDU defined in the safety policy statement in Section 2. The top level safety
design requirements are broken down by these three levels of protection.
3.1.1 Accident Resistance
Design features are required to reduce the dependence on special safety systems to
achieve safety and protect the utility's investment. The design shall minimize the occurrence
and propagation of initiating events which could lead to larger events and resulting challenges
to safety systems. Top level accident resistance requirements include:
• Simplification shall be emphasized as described in the policy statement in Section 2.
• Ample margin shall be designed into the plant so as to provide a more forgiving and
resilient plant including:
- At least as big a margin to ROP trip as existing CANDU 6 plants;
- Pressurizer inventory and steam generator secondary side inventory larger than existing
CANDU 6 plants;
- Maximum fuel channel exit temperature of 312 °C.
• The DBE shall be 0.24 g.
• The reactor shall be designed so that the prompt reactivity feedback is negative under all
operating conditions.
• Use of best available materials and water chemistry shall be specified based on the
extensive operating experience.
• A greatly improved human-machine interface system shall be provided which will promote
error-free normal operations and quick and accurate diagnosis of off-normal conditions.
• The best proven diagnostic monitoring techniques shall be used for leak detection,
vibration, and other potential problems to minimize failure of rotating equipment and high
pressure systems.
• For most design basis accidents, no operator action is required for about eight hours after
initiation.
• For investment protection purposes, the operator shall have adequate time (30 minutes or
more after indication of the need for action) to act to prevent damage to equipment or to
prevent plant conditions which could result in significant outages.
3.1.2 Core Damage Prevention
Requirements for core damage prevention apply primarily to special safety systems
and include Licensing Design Basis requirements as well as Safety Margin Basis investment
protection requirements. Top-tier core damage prevention requirements are as follows:
• The future CANDU, in addition to its inherent characteristics (notably, the cool, low
pressure moderator in close proximity to the fuel) shall meet applicable regulatory
requirements with regard to special safety system design and analysis of plant and special
safety system response to the design basis transients and accidents.
- Specifically, two fully capable shutdown systems, independent from each other and the
reactor regulating system shall be provided.
- Process system failure coincident with a special safety system failure as a design basis
accident, shall be considered.
- Redundant, diverse and passive emergency sources of decay heat removal shall be
provided.
• For investment protection purposes, the future CANDU design shall be such that the core
can be used for further power operation in case of a postulated near instantaneous break
up to the size of the largest feeder pipe.
• The role of the operator in the future CANDU shall be that of an intelligent situation
manager in the event of off-normal conditions. The plant shall be designed to allow the
operator adequate time to evaluate the plant condition and decide what, if any, manual
action is needed. The plant shall not be designed to lock out the operator and prevent
appropriate manual operation that may be required. The plant shall, however, be designed
so as to prevent operator override of safety system functions as long as a valid safety
system actuation signal exists and the safety system is functioning correctly.
• The mean annual core damage frequency for the design shall be evaluated using PRA and
it shall be confirmed by the Plant Designer. The PRA shall be performed as part of the
conceptual and detailed design and shall be used by the Plant Designer as a tool to
identify and resolve any potential core damage and risk vulnerabilities, as an input to the
Plant Technical Specifications, and as an input to emergency procedure guidelines and
maintenance priorities.
• As part of performing the PRA, the Plant Designer shall define the technical basis to
allow the Plant Owner to assure that risk-significant system, structure, and component
design reliability is maintained and the key PRA assumptions continue to be met
throughout the plant life.
• The technical basis for an accident management program, including emergency procedure
guidelines (EPGs), to assure core damage prevention and mitigation to meet off-site dose
limits, shall be developed by the Plant Designer. The Plant Designer shall translate the
plant design basis into operational limitations and responses which can then be developed
in EPGs and training by the Plant Owner.
3.1.3 Mitigation
Design requirements for accident mitigation include those necessary for the Licensing
Design Basis as well as the Safety Margin Basis requirement to assure protection against
severe accidents. These design requirements are as follows:
• A large, rugged containment building and associated containment systems shall be provided
for heat removal and retention of radionuclides for Licensing Design Basis events.
Containment design pressure shall be based on the most limiting large loss of coolant
accident.
• Licensing Design Basis source term analyses shall be based on LOCA plus LOECC.
• The design shall allow siting at sites available in Korea.
• The Licensing Design Basis shall provide control of hydrogen (source term derived from
LOCA + LOECC analysis) so that the concentration of combustible hydrogen in
containment does not exceed 10 percent under dry conditions.
• The Safety Margin Basis shall consider severe accidents beyond the Licensing Design
Basis, including loss of the moderator as the emergency heat sink, best-estimate hydrogen
generation, realistic source terms, and best-estimate containment loads. Adequate severe
accident protection shall be provided through conservatisms inherent in the design, and
necessary plant features to assure core debris coolability, and avoid detonable concentrations
of hydrogen as necessary to meet the quantitative mitigation requirement stated below.
• Containment systems shall be designed so that regulatory dose limits can be met assuming
a containment design leak rate of not less than 0.2 percent by volume per day (source
term based on LOCA + LOECC).
3.1.4 Supplementary Requirements
• Active special safety systems shall be provided. The systems shall be simplified relative to
current plants so as to make them less complex, to minimize or eliminate realignments to
accomplish safety functions, and to minimize the number of active components, consistent
with other needs.
• For design basis accidents, no credit for manual operator action shall be necessary to meet
dose limits until at least 30 minutes following the initiating event.
• There shall be no fuel damage in the core for at least two hours after sustained loss of
all feedwater with no operator action.
• The plant shall be capable of withstanding a loss of off-site and on-site AC power for up
to eight hours without fuel damage.
• There shall be two independent and diverse on-site sources of emergency AC power.
• To prevent or mitigate common-cause events such as earthquake, fires and missiles, the
two group approach shall be followed.
3.2 TOP-TIER PERFORMANCE DESIGN REQUIREMENTS
The top level performance requirements presented in this section have been grouped
into five major categories. The first category presents required plant characteristics, such as
rating and design life. The second category presents maneuvering and transient response
requirements, such as startup and shutdown requirements. The third category presents
reliability and availability requirements. The fourth category contains operability,
maintainability, and surveillance testing requirements. The fifth category presents top tier
requirements for instrumentation and control systems.
3.2.1 Plant Characteristics Requirements
The top-tier requirements for plant characteristics are as follows:
• The plant shall be designed to operate for 60 years. Over this life span, components will need to be replaced, and special attention will need to be paid to material issues such as fatigue, corrosion, thermal aging and radiation embrittlement effects. Therefore, the design shall include features to permit component replacement within the design availability requirements and shall include analyses and data necessary to support the design life of materials.
• The plant should be capable of operation using on power refueling.
• Fuel mechanical design should be capable of assembly average burnups of at least 10 MWD/KgU.
• The plant shall be designed and constructed so that low level radioactive dry and wet waste volume, suitable for shipment off-site, shall be minimized.
• Wet storage capacity for the spent fuel resulting from five years of operation plus one core off-load of fuel shall be provided. This will be supplemented by the dry storage provision.
• The plant shall be designed and constructed so that occupational radiation exposure can be less than 100 man-rem/year averaged over the life of the plant.
3.2.2 Maneuvering and Transient Response Requirements
The top-tier requirements for maneuvering and non-accident transient response are
as follows:
• The plant shall be designed to provide overpressure protection.
• The plant shall be designed to meet the load following requirements including those for
Korea.
• The plant shall be designed to satisfy step demand increases or decreases of 10 percent
of rated power within ten minutes, between 15 percent and 100 percent of rated power.
• The plant shall be capable of a generator load rejection from 100 percent power or less,
without reactor or turbine trip, and be able to continue stable operation with minimum
house electrical loads.
3.2.3 Reliability and Availability Requirements
The following top-tier reliability and availability requirements apply:
• The plant shall be designed for an annual average availability of greater than 90 percent
over the life of the plant.
• The plant shall be designed to achieve the following outage durations:
- Planned Outages: 21 days/year.
- Minor Outages: less than 5 days/year.
- Major Outages: less than 180 days/10 years.
• The plant shall be designed to limit the number of unplanned automatic trips to be less
than one per year. In response to this requirement, the plant shall utilize a minimum
number of plant variables for reactor trip signals consistent with plant safety and shall
provide increased margin between the normal operating range and the trip set point of
safety variables so that the number of plant trips resulting from normal operation activities
is minimized.
3.2.4 Operability, Maintainability and Testing Requirements
The following top-tier requirements for operability, maintainability, and testing apply:
• Ease of operation shall be designed through such features as use of modern digital
technology for monitoring, control, and protection functions, a forgiving plant response to
upset conditions, design margins, and consideration of the environment in which the
operator must perform.
• The design shall incorporate the results of a systematic identification and resolution of
operational and maintenance problems which exist in current plants.
• Consistent with overall simplification, the number of different types of equipment which
must be specified and maintained, i.e., valves, pumps, instruments, and electrical equipment,
shall be minimized by standardization, subject to diversification needs to avoid common
cause failure.
• The plant shall be designed to facilitate replacement of equipment, including major
components such as pressure tubes and steam generators, within design availability limits.
• Equipment shall be designed to have minimal, simple maintenance needs, and be designed
to facilitate needed maintenance.
• The layout of systems shall consider the maintenance and testing needs for access, pull
space, laydown space, and heavy lifts related to equipment pieces.
• The plant shall be designed so that the environment under which the maintenance and
testing of equipment must be performed provides satisfactory working conditions, including
temperature, radiation dose, ventilation, and illumination.
• The plant design shall include features to facilitate the use of robots for plant maintenance
activities. Such features shall address arrangements to accommodate movement, necessary
access ports in equipment, robot communication needs, and robot storage and
decontamination.
• The surveillance tests shall be designed and where possible automated to measure simply
and directly the systems design basis performance parameters, preferably with the plant at
power in order to avoid adding tasks to the planned outage time. Mechanical and electrical
systems shall be designed to avoid plant trips, and plant equipment and layout shall be
designed to facilitate and simplify surveillance testing. The allowable interval between tests
should be increased where justified. Where surveillance tests must be performed during an
outage, the design should assure that the tests will not be in the critical path for the
outage.
• The Instrumentation and Control Systems shall be such that testing and maintenance is
greatly simplified with respect to current plants. For example, self-testing shall be included
and the testing automated to the degree practical.
3.2.5 Instrumentation and Control System Requirements
The top-tier requirements for the I&C Systems include the following:
• The I&C Systems shall employ modern technology, including multiplexing for monitoring,
control and protection functions. Multiplexing is to be used for any function where it is
appropriate and reduces the cost and complexity of cable runs throughout the plant.
• The I&C Systems shall incorporate design features such as segmentation of major
operation functions, a degree of separation of redundant equipment within a segment, and
fault tolerant equipment to achieve high reliability and prevent propagation of a fault
between redundant equipment and from one segment to another. These features assure
"graceful" failure which allows continued plant operation to the extent practical.
• The I&C Systems design process shall be fully integrated with the remainder of the plant
design. The design process shall provide for iteration among the I&C System and plant
designers and shall use mock-ups, simulator, and operations and maintenance personnel
input in the I&C Systems design.
• The main control room shall be designed on the basis of a specified number of operators
being available for operation of the plant in all modes of operation.
• The main control room shall contain control facilities with display and control devices that
provide organized, hierarchical access to alarms, displays, and controls. The control
facilities shall have the full capability to perform main control room functions as well as
support division of operator responsibilities.
• The main control room shall incorporate modern, computer-driven displays to provide
enhanced operational trending information, validated data, and alarm prioritization and
supervision, as well as diagrammatic normal, abnormal, and emergency operating
procedures with embedded dynamic indication and alarm information. Optionally, extensive
use of data management and computer-aided design (CAD) techniques shall be made to
display piping and instrument (P&ID) drawings at varying levels of detail with updated
equipment status indication.
• The main control room and control station environment, e.g., radiation levels, lighting
levels, HVAC, sound levels, colours, etc., shall provide a comfortable, professional
atmosphere that enhances operator effectiveness and alertness.
• Local and stand-alone control systems shall be designed in the same rigorous way as the
main control stations and will use consistent labelling, nomenclature, etc. Particular
attention is to be paid to visibility, colour coding, use of mimics, access, lighting, and
communication.
• An integrated, plant wide communication system shall be provided for construction and
operation.
3.3 TOP-TIER CONSTRUCTIBILITY REQUIREMENTS
The key top-level requirements for constructibility of the future CANDU can be
separated into three general areas: construction and design coordination requirements,
advanced technology requirements, and planning and scheduling requirements. All
requirements in these areas are oriented toward implementing the constructibility policy of
achieving improved and effective construction activities.
3.3.1 Construction Duration and Design Completion Requirements
There are several key quantitative requirements on construction duration and design completion. The most important of these is that the design shall be 90 percent complete before placement of structural concrete. The 90 percent complete figure means 90 percent of all plant engineering design documents, including site specific documents but not counting vendor drawings, shall be 100 percent ready to issue for construction, procurement, or other future use. The vendor drawings necessary to allow this 90 percent complete plant engineering must also have been completed.
3.3.2 Construction and Design Coordination Requirements
The key requirements to obtain the needed coordination of design and construction
activity are as follows:
• Plant constructor personnel shall participate in the design process to assure that
constructibility requirements are adequately implemented.
• Design provisions to simplify and facilitate construction and startup shall be explicitly
considered in the design process. Such provisions include good crane and material handling
access, adequate space and access for construction activities, and provision for temporary
construction buildings and equipment.
• Standardized component sizes, types, and installation details shall be provided to improve
productivity and reduce material inventories.
• Realistic construction tolerances shall be specified to minimize unnecessary re-work and to
improve productivity.
• An experience review of previous construction problems shall be performed to assure
lessons learned are addressed in design and construction.
3.3.3 Advanced Construction Technology Requirements
Advanced technology requirements have been specified to support improved
constructibility in two major ways:
• Use of multiplexing in many of the instrumentation and control systems to reduce cable
pulling and thereby to simplify and accelerate construction.
• Modularization of equipment packages and structural elements to take advantage of
improved productivity and reduced labour costs of shop versus field labour. This
modularization in the design shall be accomplished while still preserving the space needed
for maintainability, testing, and other access-related requirements.
3.3.4 Integrated Construction Planning and Scheduling Requirements
Experience with existing construction projects has shown the importance of effective construction planning, scheduling, and monitoring. The key top-level requirements in this regard are:
• A detailed living construction plan shall jointly be developed prior to start of construction by the Plant Designer, Constructor, and Startup Test organization, utilizing input from principal suppliers and subcontractors. The plan shall establish the overall approach and provide a basis for developing and assessing schedules.
• Detailed schedules shall also be jointly developed prior to start of construction to integrate the design, procurement, construction, and startup testing activities up to Plant Owner acceptance. The startup testing requirements shall establish the logic for system turnover sequence and schedule including requirements necessary for defining system boundaries, establishing system numbering, and assuring timely turnover.
• Monitoring of the construction process shall be accomplished using quantitative methods appropriate to the particular activity, e.g., number of welds, feet of cable pulls, to make up-to-date assessments of progress and to anticipate where deviations from schedules may occur in time to take appropriate action to resolve problems and maintain schedule milestones. The schedule shall be updated as work progresses to realistically reflect the actual work status.
3.4 TOP-TIER DESIGN PROCESS REQUIREMENTS
This section provides top tier requirements for the process to be carried out in
design including use of the computerized design tools. The design process includes activities
such as development, testing, analyses, preparation of specifications and drawings, models,
reports and support of others as required to complete the licensing, construction, and startup
of the plant and turnover to the operator. The top-level design process requirements are
divided into three areas: design integration, information management and engineering
verification.
3.4.1 Design Integration Requirements
Complete and early integration of all factors important to the plant design is
necessary to minimize the need for redesign and backfit, to assure adequate design interfaces,
and to minimize operational difficulties. The following top-tier requirements apply:
• The design process is to be managed and executed as a single integrated process.
Therefore, the requirements have been addressed to the Plant Designer even though the
effort may involve more than one organization (e.g., an Architect Engineer, an NSSS
supplier, and a Constructor).
• The Plant Designer shall prepare design basis documents for each plant system or element
which describe specific design criteria, the design features, and how these features satisfy
the criteria. The documents shall be sufficiently complete that an acceptable design can be
developed and that the potential acceptability and conformance to design requirements can
be judged.
• Interdisciplinary design reviews shall be conducted throughout the design and construction
process. These reviews shall include confirmation that the utility simplification policy is
being emphasized in the design and that all specific simplification requirements are being
addressed.
3.4.2 Information Management System (IMS) Requirements
The main objectives of the IMS requirements are as follows:
• To provide a logical breakdown of the plant into a number of systems and system groups and to use standard identification for all systems, components, facilities, and documentation which can be used for design, construction, and operation.
• To make effective utilization of computer aided design and engineering during design and construction, and after the plant is turned over to the operator.
• To provide for efficient implementation of a project information network.
• To provide an effective means to acquire, store, retrieve and manipulate the documents and data necessary to design, construct, startup, operate and maintain the plant.
• To assure that information needed for construction and operations is available when the plant is turned over to the owner.
3.4.3 Engineering Verification of As-built Conditions Requirements
As part of the design process, the Plant Designer shall identify and perform
necessary engineering verification activities to confirm adequacy of the installation,
specifically:
• Verification activities shall be identified early in the construction and scheduled so that
completed walkdowns and evaluations, as well as any necessary rework, support the
project completion milestones.
• Verification activities shall include a seismic walkdown to verify all key seismic
assumptions such as equipment anchorages and system interactions.
• To the extent practical, the design shall include provisions which avoid the need for
verification walkdowns during construction. Where verification is necessary, the Plant
Designer shall develop procedures, including walkdown objectives and scope, process for
evaluation, and process for resolution of items which do not meet the design intent.
Sampling techniques shall be used in preference to inspections of the total population in
question.
4. SUMMARY OF TOP-TIER DESIGN REQUIREMENTS
A brief summary of top-tier design requirements is provided in the following table.
The top-tier design requirements are categorized by major functions, including safety and
investment protection, performance, design process and constructibility. There is also a
category of general design requirements, such as simplification and proven technology, which
apply broadly to the design. These requirements reflect the policies described above and form
the basis for developing the detailed system design requirements for specific concepts in
FCRED.
Table 4.1 Summary of Top-Tier Requirements

GENERAL DESIGN REQUIREMENTS
Plant type and size: PHWR, 900-1300 MWe (gross).
Safety system concept: Simplified and improved active safety system concepts.
Plant design life: 60 years.
Design philosophy: Simple, rugged, high design margin, based on proven technology; no power plant prototype required.
Plant siting envelope: Must be acceptable for most available sites in Korea; 0.24 DBE.

PROTECTION
Accident resistance: Design features which minimize the occurrence and severity of initiating events, such as:
• Robust margin to ROP trip;
• Adequate time to respond to plant upset conditions through features such as increased steam generator, pressurizer and reserve water tank inventory;
• Use of best available materials.
Core damage prevention: Design features which prevent initiating events from progressing to the point of core damage.
• LOCA protection: No fuel damage in unaffected channels for any break up to the size of the largest feeder pipe.
• Core damage frequency: Less than 10^-5/ry.
• Station blackout coping time for core cooling: 8 hours minimum.
Mitigation
• Containment: Large, rugged containment building with design pressure based on licensing design basis pipe break.
• Licensing: Existing AECB and KINS Requirements. Realistic source term shall be utilized in Plant Probabilistic Risk Evaluation.
• Whole body dose: Less than 25 rem, frequency less than 10^-6/ry.
• Hydrogen generation: Based on LOCA/LOECC source term for licensing design basis to produce less than 10% hydrogen in containment.

PERFORMANCE
Design availability: 90%
Refueling: On power refueling.
Unplanned automatic scrams: Less than 1/year.
Maneuvering: Load following and cycling capability.
Load rejection: Loss of load without reactor trip or turbine trip.
Site spent fuel wet storage capability: 5 years of operation plus one core off load supplemented by provision of dry storage.
Occupational radiation exposure: Less than 100 man-rem per year.

OPERABILITY AND MAINTAINABILITY
Design for operation: Operability features designed into plant, such as: forgiving plant response for operators, design margin and operator environment.
Design for maintenance: Maintainability features designed into the plant, such as: standardization of systems and components, equipment design for minimal maintenance needs, provision of adequate access, and improved working conditions.
Equipment access: Ready access to equipment.
Equipment replacement: Facilitate replacement of components, including steam generators.

INSTRUMENTATION AND CONTROL
Instrumentation and control system: Current technology, including computer based systems, alarm prioritization, fault tolerance, automatic testing, multiplexing, error detection and correction technique, network communication, open architecture equipment and software design, object oriented software design and facility for reconfiguration by operation staff and computer driven displays.
Operations simplicity: One operator shall be able to control plant during normal power operation.
Control centre: Human factors engineered to enhance operator effectiveness, utilizing mockups, simulation, and operator input to design.

DESIGN PROCESS AND CONSTRUCTIBILITY
Design and plan for construction: Develop an integrated plan through plant owner acceptance.
• Construction period (first concrete to in-service): 46 months.
• Design completion requirement: 90% of all plant engineering design documents are complete before placement of structural concrete.
Design Process
• Design integration: Manage and execute design as a single, integrated process.
• Information management: Computerized system and 3-D CAD models to generate and utilize integrated plant technical data base during design, construction, and operation.
BIBLIOGRAPHIC INFORMATION SHEET
Performing Org. Report No.: KAERI/TR-647/96
Sponsoring Org. Report No.:
Standard Report No.:
INIS Subject No.:
Title/Subtitle: FUTURE CANDU NUCLEAR POWER PLANT DESIGN REQUIREMENT DOCUMENT, EXECUTIVE SUMMARY
Reporter and Department: DEUCK SOO LEE (UCN 5&6 Technical Coordination Dept) et al.
Publication Place: Taejon
Pub. Org: KAERI
Pub. Date: 1996. 3
Page: 27
Figure and Table: Yes(O) No( )
Size: 30 x 19
Note:
Classified: Open(O), Outside( ), Class( )
Report Type: Technical Report
Sponsoring Org.:
Contract No.:
Abstract (300 words)
The Future CANDU Requirements Document (FCRED) describes a clear and
complete statement of utility requirements for the next generation of CANDU nuclear power
plants including those in Korea. The requirements are based on proven technology of
PHWR experience and are intended to be consistent with those specified in the current
international requirement documents. Furthermore, this integrated set of design
requirements incorporates utility input to the extent currently available and assures a simple,
robust and more forgiving design that enhances performance and safety.
The FCRED addresses the entire plant, including the nuclear steam supply system
and the balance of the plant, up to the interface with the utility grid at the distribution side
of the circuit breakers which connect the switchyard to the transmission lines.
Requirements for processing of low level radioactive waste at the plant site and
spent fuel storage requirements are included in the FCRED. Off-site waste disposal is
beyond the scope of the FCRED.
Subject Keyword (10 words): Utility Requirements, Next Generation, Experiences, Proven, Requirement Document, Performance, Safety, Simple, Robust