The three primary objectives of nuclear reactor safety systems as defined by the U.S. Nuclear Regulatory Commission are to shut down the reactor, maintain it in a shutdown condition and prevent the release of radioactive material.[1]
A reactor protection system is designed to immediately terminate the nuclear reaction. By breaking the nuclear chain reaction, the source of heat is eliminated. Other systems can then be used to remove decay heat from the core. All nuclear plants have some form of reactor protection system.
Control rods are a series of rods that can be quickly inserted into the reactor core to absorb neutrons and rapidly terminate the nuclear reaction.[2] They are typically composed of actinides, lanthanides, transition metals, and boron,[3] in various alloys with structural backing such as steel. In addition to being neutron absorbent, the alloys used also are required to have at least a low coefficient of thermal expansion so that they do not jam under high temperatures, and they have to be self-lubricating metal on metal, because at the temperatures experienced by nuclear reactor cores oil lubrication would foul too quickly.
Boiling water reactors are able to SCRAM the reactor completely with the help of their control rods. In the case of a loss of coolant accident (LOCA), the water-loss of the primary cooling system can be compensated with normal water pumped into the cooling circuit. On the other hand, the standby liquid control (SLC) system (SLCS) consists of a solution containing boric acid, which acts as a neutron poison and rapidly floods the core in case of problems with the stopping of the chain reaction.[4]
Pressurized water reactors also can SCRAM the reactor completely with the help of their control rods. PWRs also use boric acid to make fine adjustments to reactor power level, or reactivity, using their Chemical and Volume Control System (CVCS).[5] In the case of LOCA, PWRs have three sources of backup cooling water, high pressure injection (HPI), low pressure injection (LPI), and core flood tanks (CFTs).[6] They all use water with a high concentration of boron.
The essential service water system (ESWS) circulates the water that cools the plant's heat exchangers and other components before dissipating the heat into the environment. Because this includes cooling the systems that remove decay heat from both the primary system and the spent fuel rod cooling ponds, the ESWS is a safety-critical system.[7] Since the water is frequently drawn from an adjacent river, the sea, or other large body of water, the system can be fouled by seaweed, marine organisms, oil pollution, ice and debris.[8] In locations without a large body of water in which to dissipate the heat, water is recirculated via a cooling tower.
The failure of half of the ESWS pumps was one of the factors that endangered safety in the 1999 Blayais Nuclear Power Plant flood,[9] [10] while a total loss occurred during the Fukushima I and Fukushima II nuclear accidents in 2011.[11]
Emergency core cooling systems (ECCS) are designed to safely shut down a nuclear reactor during accident conditions. The ECCS allows the plant to respond to a variety of accident conditions (e.g. LOCAs) and additionally introduce redundancy so that the plant can be shut down even with one or more subsystem failures. In most plants, ECCS is composed of the following systems:
The High Pressure Coolant Injection (HPCI) System consists of a pump or pumps that have sufficient pressure to inject coolant into the reactor vessel while it is pressurized. It is designed to monitor the level of coolant in the reactor vessel and automatically inject coolant when the level drops below a threshold. This system is normally the first line of defense for a reactor since it can be used while the reactor vessel is still highly pressurized.
The Automatic Depressurization System (ADS) consists of a series of valves which open to vent steam several feet under the surface of a large pool of liquid water (known as the wetwell or torus) in pressure suppression type containments (typically used in boiling water reactor designs), or directly into the primary containment structure in other types of containments, such as large-dry or ice-condenser containments (typically used in pressurized water reactor designs). The actuation of these valves depressurizes the reactor vessel and allows lower pressure coolant injection systems to function, which have very large capacities in comparison to the high pressure systems. Some depressurization systems are automatic in function, while others may require operators to manually activate them. In pressurized water reactors with large dry or ice condenser containments, the valves of the system are called Pilot-operated relief valves.
An LPCI is an emergency system which consists of a pump that injects a coolant into the reactor vessel once it has been depressurized. In some nuclear power plants an LPCI is a mode of operation of a residual heat removal system, also known as an RHR or RHS but is generally called LPCI. It is also not a stand-alone valve or system.
This system uses spargers (pipes fitted with an array of many small spray nozzles) within the reactor pressure vessel to spray water directly onto the fuel rods, suppressing the generation of steam. Reactor designs can include core spray in high-pressure and low-pressure modes.
This system consists of a series of pumps and spargers that spray coolant into the upper portion of the primary containment structure. It is designed to condense the steam into liquid within the primary containment structure in order to prevent overpressure and overtemperature, which could lead to leakage, followed by involuntary depressurization.
This system is often driven by a steam turbine to provide enough water to safely cool the reactor if the reactor building is isolated from the control and turbine buildings. Steam turbine driven cooling pumps with pneumatic controls can run at mechanically controlled adjustable speeds, without battery power, emergency generator, or off-site electrical power. The Isolation cooling system is a defensive system against a condition known as station blackout. This system is not part of the ECCS and does not have a low coolant accident function. For pressurized water reactors, this system acts in the secondary cooling circuit and is called Turbine driven auxiliary feedwater system.
Under normal conditions, nuclear power plants receive power from generator. However, during an accident a plant may lose access to this power supply and thus may be required to generate its own power to supply its emergency systems. These electrical systems usually consist of diesel generators and batteries.
Diesel generators are employed to power the site during emergency situations. They are usually sized such that a single one can provide all the required power for a facility to shut down during an emergency. Facilities have multiple generators for redundancy. Additionally, systems that are required to shut down the reactor have separate electrical sources (often separate generators) so that they do not affect shutdown capability.
Loss of electrical power can occur suddenly and can damage or undermine equipment. To prevent damage, motor-generators can be tied to flywheels that can provide uninterrupted electrical power to equipment for a brief period. Often they are used to provide electrical power until the plant electrical supply can be switched to the batteries and/or diesel generators.
Batteries often form the final redundant backup electrical system and are also capable of providing sufficient electrical power to shut down a plant.
Containment systems are designed to prevent the release of radioactive material into the environment.
The fuel cladding is the first layer of protection around the nuclear fuel and is designed to protect the fuel from corrosion that would spread fuel material throughout the reactor coolant circuit. In most reactors it takes the form of a sealed metallic or ceramic layer. It also serves to trap fission products, especially those that are gaseous at the reactor's operating temperature, such as krypton, xenon and iodine. Cladding does not constitute shielding, and must be developed such that it absorbs as little radiation as possible. For this reason, materials such as magnesium and zirconium are used for their low neutron capture cross sections.
The reactor vessel is the first layer of shielding around the nuclear fuel and usually is designed to trap most of the radiation released during a nuclear reaction. The reactor vessel is also designed to withstand high pressures.
The primary containment system usually consists of a large metal and/or concrete structure (often cylindrical or bulb shaped) that contains the reactor vessel. In most reactors it also contains the radioactively contaminated systems. The primary containment system is designed to withstand strong internal pressures resulting from a leak or intentional depressurization of the reactor vessel.
Some plants have a secondary containment system that encompasses the primary system. This is very common in BWRs because most of the steam systems, including the turbine, contain radioactive materials.
In case of a full melt-down, the fuel would most likely end up on the concrete floor of the primary containment building. Concrete can withstand a great deal of heat, so the thick flat concrete floor in the primary containment will often be sufficient protection against the so-called China Syndrome. The Chernobyl plant didn't have a containment building, but the core was eventually stopped by the concrete foundation. Due to concerns that the core would melt its way through the concrete, a "core catching device" was invented, and a mine was quickly dug under the plant with the intention to install such a device. The device contains a quantity of metal designed to melt, diluting the corium and increasing its heat conductivity; the diluted metallic mass could then be cooled by water circulating in the floor. Today, all new Russian-designed reactors are equipped with core-catchers in the bottom of the containment building.[12]
The AREVA EPR, SNR-300, SWR1000, ESBWR, and Atmea I reactors have core catchers.
The ABWR has a thick layer of basaltic concrete floor specifically designed to catch the core.[13]
A standby gas treatment system (SGTS) is part of the secondary containment system. The SGTS system filters and pumps air from secondary containment to the environment and maintains a negative pressure within the secondary containment to limit the release of radioactive material.
Each SGTS train generally consists of a mist eliminator/roughing filter; an electric heater; a prefilter; two absolute (HEPA) filters; an activated charcoal filter; an exhaust fan; and associated valves, ductwork, dampers, instrumentation and controls. The signals that trip the SGTS system are plant-specific; however, automatic trips are generally associated with the electric heaters and a high temperature condition in the charcoal filters.
In case of a radioactive release, most plants have a system designed to remove radioactivity from the air to reduce the effects of the radioactivity release on the employees and public. This system usually consists of containment ventilation that removes radioactivity and steam from primary containment. Control room ventilation ensures that plant operators are protected. This system often consists of activated charcoal filters that remove radioactive isotopes from the air.