Severe Accident Analysis
Design Basis Accident Analysis (DBAA) may not include the full range of identified faults because it may not be reasonably practicable to make design provision against the more unlikely faults. It therefore does not address severe but very unlikely faults in which the designed safety measures may be ineffective. This is addressed by Severe Accident Analysis (SAA). Robust application of DBAA should ensure that severe accidents are highly unlikely. Nevertheless, the principle of Defence in Depth (DiD) requires that fault sequences leading to severe accidents are analysed and provision made to address their consequences.
SAA is undertaken to evaluate the ability of the design to withstand severe faults and failures that could lead to large releases of radioactivity above the radiological consequence Basic Safety Levels (BSLs). It will also identify any provisions needed to provide Defence in Depth to such severe accidents.
Severe accidents are a subset of beyond design basis accidents that are caused by safety systems failing to perform one or more of their safety functions leading to damage that challenges the integrity of the remaining barriers to the release of radioactive material. Such fault sequences are selected by adding additional failures or incorrect operator responses to the DBAA sequences (to include safety system failure) and to the dominant fault sequences from the Probabilistic Safety Assessment (PSA).
SAA should also be undertaken on severe fault sequences in order to determine those sequences for which reasonably practicable, preventive or mitigation safety measures can be identified. Acceptable measures need not involve the application of conservative engineering practices used in setting and evaluating design basis accidents, but rather should be based upon realistic or best-estimate assumptions, methods and analytical criteria. This information is used primarily to give realistic guidance if such an accident occurred, and to identify any further plant or equipment options for improving accident management. The effectiveness of any provisions at reducing risk should be evaluated within the PSA.
The SAA considers significant but unlikely accidents and provides information on their progression, both within the utility or facility and also beyond the site boundary. This is used, for example, to inform emergency measures that may be taken to limit received radiation doses. SAA is particularly important in assessing the overall impact of the site in terms of the risks of major accidents that could lead to significant off-site consequence. The aim of SAA is to:
- Evaluate the ability of the design to withstand severe accidents and to identify particular vulnerabilities. This includes assessment of equipment that could be used in accident management and instrumentation that could be used to monitor the course of the accident.
- Assess the need for additional features and associated Safety Functional Requirements (SFRs) that could be incorporated in the Structure, System and Components (SSCs) design to provide Defence in Depth for severe accidents.
- Identify accident management measures that could be carried out to mitigate accident effects.
- Develop an accident management programme to be followed in severe accident conditions.
- Provide input for the emergency planning arrangements.
- Support the PSA of the facilities design and operation.
Validation is required within the safety case for any methods and models used in support of the SAA. For any fault sequence beyond the design basis with potential to lead to a severe accident the analysis should include:
- A determination of the magnitude and characteristics of the radiological consequences for on-site and off-site individuals, and also any societal effects.
- A demonstration that there is no escalation of consequences immediately beyond the design basis.
- Consideration of failures that could occur in the physical barriers preventing release of radiological material.