Probabilistic Safety Goals. Phase 3 - Status Report
Jan-Erik Holmberg, Michael Knochenhauer
The first phase of the project (2006) described the status, concepts and history of probabilistic safety goals for nuclear power plants. The second and third phases (2007–2008) have provided guidance related to the resolution of some of the problems identified, and resulted in a common understanding regarding the definition of safety goals. The basic aim of phase 3 (2009) has been to increase the scope and level of detail of the project, and to start preparations of a guidance document. Based on the conclusions from the previous project phases, the following issues have been covered:
• Extension of international overview. Analysis of results from the questionnaire performed within the ongoing OECD/NEA WGRISK activity on probabilistic safety criteria, including participation in the preparation of the working report for OECD/NEA/WGRISK (to be finalised in phase 4).
• Use of subsidiary criteria and relations between these (to be finalised in phase 4).
• Numerical criteria when using probabilistic analyses in support of deterministic safety analysis (to be finalised in phase 4).
• Guidance for the formulation, application and interpretation of probabilistic safety criteria (to be finalised in phase 4)
Some conclusions from these activities are summarised below.
Overview of international safety goals
There are considerable differences in the status of the numerical risk criteria that have been defined in different countries. Some have been defined in law or regulations and are mandatory, some have been defined by the regulatory authority or by an authoritative body, and some have been defined by plant operators or designers. Hence the status of the criteria ranges from mandatory requirements to informal.
Three levels of risk criteria exist, i.e., at society level (mainly qualitative), at an intermediate level (quantitative and/or qualitative) and at a technical level (quantitative). The higher level criteria are typically concerned with the actual risk to society or individuals, or to the environment. Technical criteria are generally quantitative (probabilistic) and mostly on lower levels (subsidiary). They typically concern core damage, unacceptable release, and unacceptable health risks. In later years, some countries have defined separate criteria to address robustness in defence in depth, e.g., by having a separate criterion for containment integrity.
In most countries that have criteria both for existing and new reactors, the criteria are more strict for new plants. In some cases this is expressed by using the same numerical values for the frequencies, but applying them as limits for new plants and targets for existing plants.
Regarding consideration of uncertainties, there is consensus that the comparison with probabilistic safety criteria should use the “best estimate” of the PSA results.
In most cases, risk criteria for operating plants are applied when the PSA is updated, which results in a very large spread, as a considerable part of the respondents only update the PSA within the framework of the periodic safety review (generally 10 years), while others do updates on a yearly basis. Risk criteria are also used to assess the impact on risk of design modifications in the plant.
Risk criteria are mostly considered as indicators or orientation values, meaning that no regulatory actions are expected on non-compliance with a probabilistic safety criterion. Practically, there is a consensus on finding the reasons for the non-compliance and identification on the way to overcome it. However, for new builds application of risk criteria would be stricter.
When it comes to the interpretation of the criteria, several of the respondents agree that more work is needed in the definition of the various criteria. Thus, there seems to be a need for a common definition as to what constitutes severe core damage and large release. A strict and common definition would facilitate comparison of risks and results between different plants.
The general experience from the implementation of risk criteria is positive. Respondents who have implemented criteria have experienced various benefits. In a number of cases, design weaknesses or procedural weaknesses in NPPs have been identified using PSA and PSA criteria, resulting in the introduction of safety improvements. In many cases, the implementation of risk criteria and safety goals has lead to plant modifications in order to meet the probabilistic risk criteria. The implementation of safety goals often emphasizes the need for more detailed and realistic PSA models, and it appears that the use of safety goals has increased the focus on the correctness and quality of PSA models.
Use of subsidiary criteria and relations between these
Goals related to CDF and LRF are surrogates to societal and individual risk level criteria. To fully validate these goals, calculations of environmental consequences of release sequences would need to be made. In a few countries, the performance of level 3 PSAs is required, which would enable a direct evaluation of the compliance against societal and individual risk level criteria.
There are several aspects in the validation of subsidiary risk criteria, such as validity with respect to the definition of risk, validity with respect to rational decision making under risk, and validity with respect to the use of PSA. Taking these aspects into account means a combination of top-down and bottom-up approaches in the derivation of subsidiary risk criteria. For the top down approach, several references exist for societal and individual level risk criteria, and can be used as a basis, with decision theory providing the framework for the definition of rational risk criteria. For the bottom-up approach, it is necessary to define the objectives with PSA and how safety goals are used. Also experience from present PSAs are valuable in this process.
Numerical criteria when using probabilistic analyses in support of deterministic safety analysis
This sub-task mainly monitors the outcome from other on-going work regarding the relation between PSA and defence in depth.
Guidance for the formulation, application and interpretation of probabilistic safety criteria
This issue is an important part of the final project phase (2009). At the project seminar in December 2008, representatives from Nordic utilities and authorities participated in a workshop with discussions held along two lines, i.e., guidance related to either the definition or to the application and interpretation safety goals or criteria. Valuable input was received, and will be used as part of the basis for the guidance document to be developed during the concluding project phase.