European Nuclear Society
e-news Issue 37 Summer 2012
http://www.euronuclear.org/e-news/e-news-37/hsc.htm

TOPSAFE 2012

TOPSAFE 2012

Conference Highlights and Key Messages

From 22-26 April 2012, almost four years after TOPSAFE 2008, the latest edition of this annual conference devoted to safety issues relating to the nuclear industry took place in the beautiful capital city of Finland, Helsinki. The great level of interest that TOPSAFE 2012 generated was underlined by the fact that 137 participants from 28 countries took part. During three days of intensive discussions 80 papers were presented, including 55 from 14 EU countries, 21 papers from 9 non-EU countries (among them USA, Japan, Rep. of Korea, Russia, Ukraine etc.) and 4 papers from international institutions – IAEA, OECD, EC/JRC and FORATOM. In addition, 21 posters were also displayed. The presentations and posters were divided into the following categories: Lessons learned from Fukushima, External Hazards, Initiatives for Safety Assessment & Harmonisation of Regulations, Best Estimate Codes and Methods, Safety Assessment, Safety Analysis & Risk Assessment, Safety of Research Reactors, Severe Accident Management, Emergency Planning and Response, Safety Culture & Management of Safety, Research and Development, Education and Training, Trends in Nuclear Safety for Future Installations and Risk-Informed Decision-Making.

Context

After the accident at Fukushima, the safety focus for current reactors switched to a beyond design accident approach, including the factoring in of extreme natural conditions. At the same time, other important aspects, such the improvement of reactor operability, possibilities for power uprate and lifetime extension and how these can be performed without compromising safety, also featured high on the agenda. Each of these actions has an economic dimension. In particular, developing defence-in-depth to take into account beyond design considerations poses the question of whether it should really be carried out - bearing in mind to what extent it is economically viable or whether there is a need for negotiating an international consensus on a limit.  

Another question is whether nuclear power plants should be included in the national critical infrastructure (something that is not done in the EU). This not only relates to the organisation of emergency evacuation and post-accident recovery, but also to insurance coverage for the nuclear industry.  The accident cost ~300 billion Yens, which compelled the Japanese government to nationalise the operator, TEPCO, because no insurance company could cover such an amount.

Lessons learned from Fukushima

TEPCO gave an important presentation that provided a thorough technical and organisational analysis of the accident. Based on this, and other presentations, a very important discussion was launched during TOPSAFE 2012 on the question of whether this accident was a residual risk or not, taking into account the so-called Black Swan concept which refers to “unexpected but not unpredictable or unknown rare events that - if they happen - always have great consequences.” The fact that Japanese scientists are leaders in tsunami expertise shows the gap that exists between science and practice. Furthermore, the fact that historical records on tsunamis in Japan over the last centuries have been kept also shows that the combination of earthquake and tsunami in Japan is not a residual risk, and that this Black Swan was not so unexpected or unlikely to happen. The possibility of it really happening had been rather underestimated. This truth can be applied to two other large nuclear accidents – Three Mile Island (TMI) and Chernobyl. They too were unexpected, but didn’t constitute a completely unknown phenomenon. The risk of them taking place was not properly appreciated either. For instance, for a RBMK reactor there is a positive void reactivity coefficient and operational procedures had been put in place to avoid an accident occurring.  However, these restrictions were ignored. Regarding TMI, 6 years before the accident, an article had been published stating that in the plant’s PWR design, a small LOCA, could lead to core uncovering, but the article’s warning was overlooked.
 
During a key presentation given by STUK, reference was made to a Japanese proverb that says: “If you sit on a stone for three years, you get used to it”. Could this have led to a compromise on safety? Can this be true for all nuclear plants worldwide? A western proverb says: “There are gains for all our losses”. The gains in this case were the results from the stress-tests performed on 143 European nuclear units (together with all 15 units in Ukraine) relating to beyond-design factors. Defining in particular the cliff-edge effects, the stress-tests illustrated the overall stability of the plants that were tested. But they also indicated scope for improvements when severe accidents occur, including in the area of spent fuel safety.

Another lesson from Fukushima is that not only designs must be improved by implementing hardware measures, but also that the organisation of emergency response and off-site preparedness should be perfected too.

External hazards

Again in the light of Fukushima, this session was organised to focus attention on external hazards that can lead to severe accidents. EPR design was presented highlighting its ability to resist for a long time in black-out mode under extreme external conditions. Another presentation focused on seismic mapping during the design and siting of nuclear power plants using state-of-the-art methods.

Discussion in the corridors focused on the problem of what should be the classification of existing NPPs and those under construction. Indeed, there is no document detailing this largely used classification. A key message here was that Gen III+ plants should be able to resist (without core melting) at least 72 hours under extreme conditions and without access to external power and/or to external heat sink. All others should be classified as Gen III (no reference to Gen II).

Initiatives for harmonisation of safety approaches and regulations

Several presentations were made on the harmonisation of safety approaches. Participants were familiar with the activities of FORATOM/ENISS. FORATOM currently represents nuclear utilities and operating companies in 16 European countries, including Switzerland. ENISS has been engaged in constructive dialogue with WENRA, discussing the safety reference levels for operating plants and safety objectives for new plants. It has also been involved in the IAEA Safety Standards revision work, has provided comments on the EU Basic Safety Standards, has participated in the ENEF process in cooperation with EUR and has played an important role in the stress-tests set-up.

Two presentations were dedicated to the harmonisation of requirements in I&C and software-based safety control systems. One of them presented the EU’s Seventh Framework Programme (FP7) project called HARMONICS (Harmonised Assessment of Reliability of Modern Nuclear I&C software). The reasons for promoting such a project are as follows: the reliability and safety of computer-based systems that implement safety functions are crucial to the safe and economic operation of nuclear power plants; usually software cannot be proven to be completely defect-free, defects could potentially lead to common causes of failure which in turn could defeat redundancy and undermine defence-in-depth; differences in current national safety justification principles and methods restrict cooperation and hinder the emergence of widely accepted best practices. Together, and in cooperation with a similar on-going project in China, called RAVONSICS (Reliability And V&V Of Nuclear Safety I&C Software), HARMONICS will address the difficult issue of justifying claims about I&C software contribution to the reliability of a protection function, claims that are likely to be dominated by the CCF contribution. This is still a difficult area because there is no prevailing international or scientific consensus.
 
The second presentation, from Ukraine, pointed out the huge amount of international standards and regulations governing the diversity and safety assessment of multi-version NPP I&C systems. Obviously a harmonisation in this field will eventually be needed.

The key message from this session was that nuclear safety is an integration of human, technical, organisational and regulatory issues. The harmonisation of safety requirements should cover all of them. It is a tool for improving safety.

Best estimate codes and methods

Eight papers have been written (of which five were presented during the conference) on the leading role played in this field by Pisa University. The BEPU (best estimate plus uncertainty) approach has been demonstrated as challenging the current process for the licensing of nuclear reactors. A remarkable example was given of the implementation of BEPU in the preparation of Chapter 15 (Accident Analyses) of the FSAR (Final Safety Analyses Report) for the Argentinian Atucha II PHWR. There are two key steps in the process: a) selection of PIE (postulated initiating events) and b) analysis by best estimate models, supported by uncertainty evaluation.  

The key elements of the approach are: 1) availability of qualified computational tools including the uncertainty method 2) demonstration of quality and 3) acceptability and endorsement by the regulatory body (which is what finally happened). Another interesting series of presentations was devoted to the reassessment of the safety zones of tolerance and acceptability in BEPU, using uncertainty and probabilistic approaches.

The key message to emerge from this session was that the future for the licensing process of NPPs, incorporating accident evaluation in the safety analysis reports, consists of the using of best estimate models and codes, while at the same time evaluating the uncertainty of the processes.

Safety analyses

An analysis of SBLOCA at AP-1000 was presented. It showed that the accident can only be resolved by the passive systems. Active systems are designed to cope with intact loop accidents and with bigger leaks from the primary circuit.  

The Korean Institute of Nuclear Safety presented a paper entitled: Regulatory Experience on Safety Analysis for Continuous Operation and its Perspectives. The latter is related to the lifetime extension of some of their plants. The process was reported to be similar to the licencing renewal process used in the US. Most of the issues have been raised following feed-back from operators and after taking into account research results from both the home country and foreign countries. The need for independent auditing analysis that was raised related to: LBLOCA regarding the effect of modelling scheme on UPI phenomena, the margin of boron precipitation at the core and the effect of sump clogging on core thermal response.

Several presentations were dedicated to the defence-in-depth (DiD) concept. According to this philosophy, the design basis of an NPP can be assessed in terms of the design bases for each level of DiD.

CFD codes application

Three presentations spread over three different sessions (Risk Assessment, Safety Analyses and Risk Informed Decision Making) were given by young professionals from NRG, the Nuclear Research and Consultancy Group, in the Netherlands. They focused on CFD applications: two of them on Hydrogen Distribution Analyses with CFD and the other on High-fidelity CFD Calculation Methods for Nuclear Safety (with an emphasis on PTS analyses).

Nevertheless, the lack of experience in this field highlighted a key message: computer technology is developing so fast and CFD codes could be capable of predicting in real time the development of a potential accident.

During the closing session, a round-table discussion, two additional key messages were articulated in relation to CFD codes implementation: 1) the future of safety report analyses lies in the application of CFD codes and 2)There is no harmonisation in this area and international standards and rules (especially from the IAEA) do not exist.

Safety & risk assessment

It was reported in the IAEA Nuclear Technology Review that: “Safety indicators such as those published by the World Association of Nuclear Operators (WANO) indicate that the gap between the best and worst performers is still large, providing substantial room for continuing improvement.” The latter means that safety standards and requirements should be more thoroughly implemented down the line in some countries.

It is obvious that today it is very important to combine deterministic and probabilistic approaches and the Risk Oriented Accident Analysis Methodology (ROAAM) is a good example of this.

The three severe accidents at TMI, Chernobyl and Fukushima revealed that there is no such a thing as ‘absolutely safe’. We will not mention here probabilistic risk assessment results like “core damage once in a million years”. The final number of CDF, LERF is not so important as DCDF and DLERF, which seeks to make continuous improvements in the safety of nuclear installations and to assess these modifications in terms of decreasing risk. This was also one of the key messages to emerge from the conference.

Safety culture and knowledge management

In nuclear organisations safety culture is usually defined as a organisation’s values and conduct, modelled by its leaders and internalised by its members, which serve to make the safe operation of the nuclear installation the overriding priority.

As the IAEA presentation highlighted, the concepts of safety culture and knowledge management have become critical to the nuclear field. After TMI industry and governments focused on the prevention of technical breakdowns. Actions at the design stage were undertaken, the concept of defense-in-depth was developed, a systematic approach to training gradually became considered as the desired norm. After Chernobyl, it was recognised that in addition to technical aspects human factors also play a critical role and that safety as the main priority is essential to the whole organisational culture of a facility. In 2011, after Fukushima, it became obvious that catastrophic external events might cause consequences that were hardly imagined before. First analysis of the event showed precisely that in addition to improving design and maintaining safety culture, knowledge management and the decision-making process are also critical to handling abnormal circumstances efficiently.

Education and training

An answer on what to do to solve the aforementioned problems was given during a presentation on the FP7 project, which will provide a schedule for training managers on nuclear safety culture. Its aim is to increase insight, knowledge and the ability of a manager to manage the unique interactions between safety and a variety of technological, economic, human and organisational factors in a changing nuclear environment. NEA/OECD presented their evolutionary views on workforce building through education and training (E&T). Previous initiatives have focused on the education of professionals, but attracting sufficient numbers into the industry has also proven difficult. Little coordinated effort has been directed at technical skills. The major findings that have emerged are that an international taxonomy can be a powerful tool for the development and harmonisation of: training standards and qualifications, workforce mobility, the international labour market, research scenario planning, human resources (HR) observatories and ‘passports’ for training and gaining experience. Good examples for the latter are: the Nuclear Uniform Curriculum Programme and Qualification Cards, in the US; the Nuclear Passport initiative in UK; the “carnet d’accès” in France, etc.

Systematic approaches to increasing competency at all workforce levels should be promoted nationally and internationally. Governments should support international initiatives that foster consistent quality of education and training in different countries and contribute overall to enhancing HR development capacities.

Conclusion

During the final discussion participants were unanimous that although it seems that the nuclear renaissance has slowed down, one should still think more in the direction of new build than closing down existing nuclear programmes. The increasing level of energy demand in countries like China, India and other growing economics, is proof that the nuclear industry will have to develop fast within a context of the global hardening of safety requirements. The factors that drive the rapid need for building more nuclear power plants worldwide include: the global population explosion, an increasing need for energy and electricity, urbanisation, industrialisation, the fact that large economies are suffering from insufficient electricity provision, climate change concerns, energy efficiency (automation, electric trains, cars, etc.), energy independence, volatile energy prices and declining energy sources. As it was stated during the conference, these drivers were the same pre-Fukushima as they are post-Fukushima. The global economic problems that have persisted since 2008 have played a very small role (if at all) in the expansion programmes that have been launched in countries with nuclear power plants or countries that are embarking upon nuclear new build. This fact highlights the primary role and significance of safety. TOPSAFE conferences can serve as an excellent instrument for encouraging nuclear organisations to express their views on various aspects of nuclear safety.

ENS High Scientific Council,
Prepared by Dimitar Popov
June 2012

ENS
© European Nuclear Society, 2012