The power of simplification: Operator interface with the AP1000{sup R} during design-basis and beyond design-basis events
- Westinghouse Electric Company, 1000 Westinghouse Drive, Cranberry Township, PA 16066 (United States)
The AP1000{sup R} plant is an 1100-MWe pressurized water reactor with passive safety features and extensive plant simplifications that enhance construction, operation, maintenance, safety and cost. The passive safety features are designed to function without safety-grade support systems such as component cooling water, service water, compressed air or HVAC. The AP1000 passive safety features achieve and maintain safe shutdown in case of a design-basis accident for 72 hours without need for operator action, meeting the expectations provided in the European Utility Requirements and the Utility Requirement Document for passive plants. Limited operator actions may be required to maintain safe conditions in the spent fuel pool (SFP) via passive means. This safety approach therefore minimizes the reliance on operator action for accident mitigation, and this paper examines the operator interaction with the Human-System Interface (HSI) as the severity of an accident increases from an anticipated transient to a design basis accident and finally, to a beyond-design-basis event. The AP1000 Control Room design provides an extremely effective environment for addressing the first 72 hours of design-basis events and transients, providing ease of information dissemination and minimal reliance upon operator actions. Symptom-based procedures including Emergency Operating Procedures (EOPs), Abnormal Operating Procedures (AOPs) and Alarm Response Procedures (ARPs) are used to mitigate design basis transients and accidents. Use of the Computerized Procedure System (CPS) aids the operators during mitigation of the event. The CPS provides cues and direction to the operators as the event progresses. If the event becomes progressively worse or lasts longer than 72 hours, and depending upon the nature of failures that may have occurred, minimal operator actions may be required outside of the control room in areas that have been designed to be accessible using components that have been designed to be reliable in these conditions. The primary goal of any such actions is to maintain or refill the passive inventory available to cool the core, containment and spent fuel pool in the safety-related and seismically qualified Passive Containment Cooling Water Storage Tank (PCCWST). The seismically-qualified, ground-mounted Passive Containment Cooling Ancillary Water Storage Tank (PCCAWST) is also available for this function as appropriate. The primary effect of these actions would be to increase the coping time for the AP1000 during design basis events, as well as events such as those described above, from 72 hours without operator intervention to 7 days with minimal operator actions. These Operator actions necessary to protect the health and safety of the public are addressed in the Post-72 Hour procedures, as well as some EOPs, AOPs, ARPs and the Severe Accident Management Guidelines (SAMGs). Should the event continue to become more severe and plant conditions degrade further with indications of inadequate core cooling, the SAMGs provide guidance for strategies to address these hypothetical severe accident conditions. The AP1000 SAMG diagnoses and actions are prioritized to first utilize the AP1000 features that are expected to retain a damaged core inside the reactor vessel. Only one strategy is undertaken at any time. This strategy will be followed and its effectiveness evaluated before other strategies are undertaken. This is a key feature of both the symptom-oriented AP1000 EOPs and the AP1000 SAMGs which maximizes the probability of retaining a damaged core inside the reactor vessel and containment while minimizing the chances for confusion and human errors during implementation. The AP1000 SAMGs are simple and straight-forward and have been developed with considerable input from human factors and plant operations experts. Most importantly, and different from severe accident management strategies for other plants, the AP1000 SAMGs do not require diagnosis of the location of the core (i.e., whether reactor vessel failure has occurred). This is a fundamental consequence of the AP1000 In-Vessel Retention approach, which allows severe accident management to be based on fundamental principles (e.g. provide coolant as close as possible to the core) that do not change during a specific event. This eliminates the need for one of the more difficult diagnostic requirements, since reactor vessel failure does not directly relate to any measurable plant parameter, and differs from other designs in that an engineered failure of the pressure vessel' (e.g. core catcher) is never required. (authors)
- Research Organization:
- American Nuclear Society, 555 North Kensington Avenue, La Grange Park, IL 60526 (United States)
- OSTI ID:
- 22105924
- Resource Relation:
- Conference: ICAPP '12: 2012 International Congress on Advances in Nuclear Power Plants, Chicago, IL (United States), 24-28 Jun 2012; Other Information: Country of input: France; 9 refs.; Related Information: In: Proceedings of the 2012 International Congress on Advances in Nuclear Power Plants - ICAPP '12| 2799 p.
- Country of Publication:
- United States
- Language:
- English
Similar Records
AP1000{sup R} nuclear power plant safety overview for spent fuel cooling
Development of Emergency Response Guidelines (ERGs) for AP1000
Related Subjects
ACCIDENT MANAGEMENT
CONTAINMENT
CONTROL ROOMS
COOLING SYSTEMS
CORE CATCHERS
DESIGN BASIS ACCIDENTS
FAILURES
FUEL STORAGE POOLS
HUMAN FACTORS
INFORMATION DISSEMINATION
MAN-MACHINE SYSTEMS
PRESSURE VESSELS
PWR TYPE REACTORS
REACTOR MAINTENANCE
REACTOR OPERATION
REACTOR OPERATORS
REACTOR SAFETY
REACTOR SHUTDOWN
REACTOR VESSELS
SPENT FUELS