270 likes | 444 Views
Session B – Key Discussion Topics Facilitator – E. Lessard DOE Accelerator Safety Workshop SLAC National Accelerator Laboratory 8-17-2010 to 8-19-2010. Proposed Terminology Changes Interface with DOE Rules, Orders and Guides Other Topics From the Morning Session.
E N D
Session B – Key Discussion Topics Facilitator – E. Lessard DOE Accelerator Safety Workshop SLAC National Accelerator Laboratory 8-17-2010 to 8-19-2010 Proposed Terminology ChangesInterface with DOE Rules, Orders and GuidesOther Topics From the Morning Session
Accelerator vs. Nuclear Terms • Accelerator Facility means the accelerator and associated roads, plant and equipment utilizing, or supporting the production of, accelerated particle beams and the radioactive material created by those beams to which access is controlled to protect the safety and health of persons. It includes injectors, targets, beam dumps, detectors, experimental halls, non-contiguous support and analysis facilities, experimental enclosures and experimental apparatus utilizing the accelerator, etc, regardless of where that apparatus may have been designed, fabricated, or constructed – in sum all systems, components and activities that are bounded by the hazard analysis and controls. [Draft DOE Order 420.2C, Safety of Accelerator Facilities] [Similar to DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Non-Reactor Nuclear Facility meansthose facilities, activities or operations that involve, or will involve, radioactive and/or fissionable materials in such form and quantity that a nuclear or a nuclear explosive hazard potentially exists to workers, the public, or the environment, but does not include accelerators and their operations and does not include activities involving only incidental use and generation of radioactive materials or radiation such as check and calibration sources, use of radioactive sources in research and experimental and analytical laboratory activities, electron microscopes, and X-ray machines. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Accelerator meansa device employing electrostatic or electromagnetic fields to impart kinetic energy to molecular, atomic or sub-atomic particles and capable of creating a radiological area as defined in 10 CFR Part 835. [Draft DOE Order 420.2C, Safety of Accelerator Facilities]. [Similar to DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Reactor means any apparatus that is designed or used to sustain nuclear chain reactions in a controlled manner such as research, test, and power reactors, and critical and pulsed assemblies and any assembly that is designed to perform subcritical experiments that could potentially reach criticality; and, unless modified by words such as containment, vessel, or core, refers to the entire facility, including the housing, equipment and associated areas devoted to the operation and maintenance of one or more reactor cores. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Accelerator Operations means those activities of an accelerator and any associated accelerator facilities that are bounded by the Safety Assessment Document. Accelerator operations (and post operations) include the production; dispensing, analysis, movement, processing, handling and other uses; and storage of radioactive material. [Draft DOE Order 420.2C, Safety of Accelerator Facilities] [Similar to DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Operations meansthe work activities accomplished by the facility or project. Examples include, but are not limited to, operating science and technology machines, operating equipment, construction, decontamination and decommissioning, dismantlement, environmental characterization and monitoring activities, waste handling, research and development, maintenance, and laboratory analysis activities. [DOE O 422.1, Conduct of Operations]
Accelerator vs. Nuclear Terms • Accelerator Safety Envelope means a set of readily verifiable physical and administrative credited controls that define the bounding conditions for safe operation and address the accelerator facility hazards and risks. [Draft DOE Order 420.2C, Safety of Accelerator Facilities] [Similar to DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Technical Safety Requirements means the limits, controls, and related actions that establish the specific parameters and requisite actions for the safe operation of a nuclear facility and include, as appropriate for the work and the hazards identified in the documented safety analysis for the facility: Safety limits, operating limits, surveillance requirements, administrative and management controls, use and application provisions, and design features, as well as a bases appendix. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Accelerator Safety Envelope Limits meansthat beam interactions and losses from all operations would not cause unacceptable radiation levels or exposures at any location where personnel occupancy is allowed during facility operations. [Not defined but used six times in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Safety Limits means the limits onprocess variables associated with those safety class physical barriers, generally passive, that are necessary for the intended facility function and that are required to guard against the uncontrolled release of radioactive materials. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Authorized Alternative means alternative procedures may be necessary for certain minimal Accelerator Safety Envelope (ASE) requirements when they will not be met for particular conditions and where alternative requirements are specified in the ASE. The authorized use of such alternative ASE requirements must not decrease the overall level of safety. [Not defined but used three times in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Limiting Condition for Operations means the limits that represent the lowest functional capability or performance level of safety structures, systems, and components required to perform an activity safely. The limiting conditions for operation section describes, as precisely as possible, the lowest functional capability or performance level of equipment required for continued safe operation of the facility. The limiting conditions for operation section also states the action to be taken to address a condition not meeting the limiting conditions for operation section. Normally this simply provides for the adverse condition being corrected in a certain time frame and for further action if this is impossible. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Commissioning means a phase of an accelerator facility operation that is typically used to test and verify specifications in a new or designed functional mode. Commissioning periods may be tailored to the needs of each facility and there may be great variations in their duration, breadth, and formality, but in all cases the activities will be bounded by an ASE. At its conclusion, the accelerator is ready for performance of an ARR for routine operations, or directly for routine operations if the ARRs were combined. [Draft DOE Order 420.2C, Safety of Accelerator Facilities] • Commissioning means the process of testing an accelerator facility, or portion thereof, to establish the performance characteristics. It starts with the first introduction of a particle beam into the system. [DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Commissioning means the final stages of the project process involve acceptance and turnover of the structures, systems, and components from the construction effort to the operating organization. Acceptance is generally predicated on appropriate checkout/acceptance, testing, and commissioning. [DOE-STD-1189-2008, Integration Of Safety Into The Design Process]
Accelerator vs. Nuclear Terms • Credited Controls means controls determined through hazard evaluation to be essential for safe operation directly related to the protection of personnel or the environment. The number of credited controls should be a limited subset of the total number of controls employed for overall facility operation. Credited controls should be assigned a higher degree of operational assurance than other controls. A listing of all credited engineered and credited administrative controls should be included in the SAD. Since credited controls are essential for acceptably safe operations, they should be suitably addressed in the ASE. [Not defined but used twelve times in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Hazard Controls means measures to eliminate, limit, or mitigate hazards to workers, the public, or the environment, including (1) Physical, design, structural, and engineering features; (2) Safety structures, systems, and components; (3) Safety management programs; (4) Technical safety requirements (TSR); and (5) Other controls necessary to provide adequate protection from hazards. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Credited Administrative Controls means administrative controls such as minimum staffing levels, qualification, and training for operation, minimum operable equipment, critical records to be retained, procedures to be maintained current, and immediate mitigative actions to be taken if the ASE is exceeded; and procedures addressing the ASE-required minimal administrative or engineered controls for operation. [Not defined but used twice in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Administrative Controls means the provisions relating to organization and management, procedures, record keeping, reviews, and audits necessary to ensure safe operation of the facility. Administrative Controls may include reporting deviations from TSRs or violation of a TSR, staffing requirements for facility positions important to safe operation of the facility, Administrative Controls of the criticality safety program, and commitments to safety management programs important to worker safety. [DOE G 423.1-1, Implementation Guide For Use In Developing Technical Safety Requirements]
Accelerator vs. Nuclear Terms • Credited Engineered Controls means hardware or structural items (structures, systems, and/or components, both active and passive) that accomplish a particular safety function. [Not defined but used four times in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Safety Class Structures, Systems, And Components means the structures, systems, or components, including portions of process systems, whose preventive or mitigative function is necessary to limit radioactive hazardous material exposure to the public, as determined from safety analyses. [10 CFR 830, Nuclear Safety Management] • Safety Significant Structures, Systems, And Components means the structures, systems, and components which are not designated as safety class structures, systems, and components, but whose preventive or mitigative function is a major contributor to defense in depth and/or worker safety as determined from safety analyses. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Criticality means the condition in which a nuclear chain reaction becomes self-sustaining without the use of external beams of ionizing radiation from an accelerator. [Draft DOE Order 420.2C, Safety of Accelerator Facilities] • Criticality means the condition in which a nuclear fission chain reaction becomes self-sustaining. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Hazard Analysis means a documented process to systematically identify the hazards of a given operation; including a description and analyses of the adequacy of measures taken to eliminate, control, or mitigate the hazards and risks of normal operation; and identification and analyses of potential accidents and their associated risks. [Draft DOE Order 420.2C, Safety of Accelerator Facilities]. [Safety Analysis is defined this way in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Hazard Analysis means an analysis that supports Preliminary Documented Safety Analysis development during Preliminary and Final Design and identifies the types and magnitudes of hazards that are anticipated in the facility. This level of hazard analysis expands the Preliminary Hazards Analysis to include evaluation of the process hazards. [DOE-STD-1189-2008, Integration Of Safety Into The Design Process]
Accelerator vs. Nuclear Terms • Maximum Credible Incident means that credible accident scenario with the maximum or worst-case consequences. associated with the facility and can provide information helpful for emergency planning or site assistance agreements. While the MCI is often found to be the maximum credible radiological incident that could occur in the facility, there may be non-radiological accidents that are more limiting in terms of consequences. These non-radiological scenarios also are to be captured in the accident analysis. [Not defined but used four times in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Design Basis Accident means an accident that is postulated for the purpose of establishing functional requirements for structures, systems and components. [DOE-STD-1189-2008, Integration Of Safety Into The Design Process]
Accelerator vs. Nuclear Terms • Safety Assessment Document means a document containing the results of a hazard analysis for an accelerator facility pertinent to understanding the risks of operating the accelerator facility. [Draft DOE Order 420.2C, Safety of Accelerator Facilities]. [Defined this way in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide except for the term Safety Analysis instead of Hazard Analysis] • Documented Safety Analysis means a documented analysis of the extent to which a nuclear facility can be operated safely with respect to workers, the public, and the environment, including a description of the conditions, safe boundaries, and hazard controls that provide the basis for ensuring safety. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Standard Industrial Hazards means those hazards routinely encountered and accepted in general industry and for which national consensus codes and/or standards exist to guide safe design and operation. Standard industrial hazards normally do not need to be addressed in the SAD. Standard industrial hazards should be evaluated for the potential to serve as initiators for accidents related to specific accelerator processes. [Not defined but used twice in DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Hazard means a source of danger (i.e., material, energy source, or operation) with the potential to cause illness, injury, or death to a person or damage to a facility or to the environment (without regard to the likelihood or credibility of accident scenarios or consequence mitigation). [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Unreviewed Safety Issue (USI) means the determination that there is a significant increase in the probability of or consequences from of (sic) a previously analyzed postulated accident or of a new, previously un-analyzed postulated accident that could result in a significant adverse consequence. This determination is part of a structured process to identify and evaluate whether planned or as-found conditions, equipment, or processes may exceed the bounds of an accelerator’s ASE. Activities that exceed the bounds of the ASE must not be performed until restart is approved by DOE. [Draft DOE Order 420.2C, Safety of Accelerator Facilities]. [Similar to DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Unreviewed Safety Question (USQ) means a situation where (1) The probability of the occurrence or the consequences of an accident or the malfunction of equipment important to safety previously evaluated in the documented safety analysis could be increased; (2) The possibility of an accident or malfunction of a different type than any evaluated previously in the documented safety analysis could be created; (3) A margin of safety could be reduced; or (4) The documented safety analysis may not be bounding or may be otherwise inadequate. [10 CFR 830, Nuclear Safety Management]
Accelerator vs. Nuclear Terms • Accelerator Readiness Review means a structured method for verifying that hardware, personnel, and procedures associated with commissioning or routine operation are ready to permit the activity to be undertaken safely. [DOE G 420.2-1, Accelerator Facility Safety Implementation Guide] • Readiness Review means reviews are performed to ensure that contractor programs, equipment, and personnel are ready to safely start up and operate the facility. [DOE Order 425.1C, Startup and Restart of DOE Nuclear Facilities] • Operational Readiness Review/Assessment means a disciplined, systematic, documented, performance-based examination of facilities, equipment, personnel, procedures, and management control systems to ensure that a facility will be operated safely within its approved safety envelope as defined by the facility safety basis. [DOE G 450.1-1B, DOE Integrated Safety Management System Guide, Volume 2]
Issues Raised by a Proposed Change of Name for Accelerator Terms • Current names are familiar • Current names are used in contractor contracts and conduct of operation agreements • OSHA and NRC recognize current accelerator term names • Current names are used in cooperative agreements between states and DOE • The accelerator-term names, although renamed, mean the same thing • A lot of effort to replace the names in operations procedures, and then re-train the operators and others who use the procedures • …
DOE Directives • DOE Directives (Orders, Guides, Standards, Notices) are internal DOE documents that set policy and specify procedures for implementing that policy • DOE Directives may apply to specific sites and facilities or to all areas of DOE operations • The Atomic Energy Act (AEA) of 1954, as amended [42 USC 2011, et seq.; 10 CFR 20, 39, 60, 61, 71, 100, 762, 830, 835, 960, 962 and 40 CFR 190–192], authorizes the conduct of atomic energy activities and governs the design, location, and operation of facilities, including Federal facilities, involved with nuclear materials • DOE facilities involved with nuclear materials are not required by the AEA to be permitted or licensed but are required to comply with the act and its amendments • In some cases, DOE Directives may mandate compliance with existing Federal, state, and local regulations regardless of involvement with nuclear materials (e.g., 10CFR835)
Current Interface with DOE Directives Unique to Accelerator Unique to Nuclear 10 CFR 830, Nuclear Safety Management DOE Order 425.1C, Startup and Restart of DOE Nuclear Facilities DOE G 423.1-1, Implementation Guide For Use In Developing Technical Safety Requirements DOE-STD-1189-2008, Integration Of Safety Into The Design Process DOE-STD-1027-92, Hazard Categorization And Accident Analysis Techniques For Compliance With DOE Order 5480.23, Nuclear Safety Analysis Reports DOE G 420.1-2, Guide for the Mitigation of Natural Phenomena Hazards for DOE Nuclear Facilities and Nonnuclear Facilities More listed in DOE G 450.1-1B Volume 2 • DOE Order 420.2B, Safety of Accelerator Facilities • DOE G 420.2-1, Accelerator Facility Safety Implementation Guide Directives Applicable to Both • DOE Order 422.1, Conduct of Operations • DOE Order 413.3A, Program And Project Management For The Acquisition Of Capital Assets • DOE Order 420.1B, Facility Safety • 10 CFR 835, Occupational Radiation Protection • 10 CFR 851, Worker Safety and Health Program • DOE O 414.1C, Quality Assurance • DOE G 450.1-1B, DOE Integrated Safety Management System Guide, Volumes 1 and 2 • More listed in DOE G 450.1-1B Volume 2
Accelerator Versus Nuclear Hazards • One difference in hazards is that accelerator facilities are expected to contain little or no fissile or fertile materials or fission products and in amounts less than that required to achieve criticality • Nuclear criticality with its associated energy release cannot occur in these accelerator facilities • For a beam of particles to accelerate, controlled and difficult-to-achieve conditions must be maintained; any event that disturbs these conditions results in stopping the beam and stopping the creation of radioactivity in a target or component • Accelerator facilities have several hazards not normally associated with fission reactor systems; some of these include cryogenic systems, very high electric currents and voltages, and strong magnetic fields • Differences between accelerators and nuclear facilities must be reflected in the authorization basis documents for accelerator facilities so that requirements not directly applicable, which would not enhance safety, are not imposed; alternatively, accelerator safety requirements that are different from those derived from fission experience must be incorporated in authorization basis documents
Accelerator Versus Nuclear Hazards • Another difference in the hazards associated is the radionuclide inventories • Fission, by its nature, results in long-lived, highly radioactive fission products • In accelerator facilities, however, radionuclide inventories will be dominated by radioactivity in targets and activation products in structures • Activation products will be principally solids, not easily mobilized except in an extreme accident scenario • Furthermore accelerators primarily operate in a pulsed mode where operation is only for relatively short periods; total neutrons integrated over time are much less in accelerators • In accelerators, the radioactive hazards tend to be more distributed spatially than in fission systems • Further, there are differences in the relative biological risks of the radionuclides because actinides, radioactive noble gases, radioiodine, radiocesium, radiostrontium, or plutonium, which are inherently associated with the fission-connected process, are not present at accelerators
Accelerator Operations With a Potential Criticality Hazard • Accelerator facilities that require an offsite emergency plan for the public’s protection (> 1 rem offsite) are required in Draft DOE Order 420.2C to have the DOE Program Secretarial Officer/NNSA Administrator: “Approve items listed in 5. b.(2) (a) for accelerator facilities where site boundary consequences for credible postulated accident scenarios that potentially exceed 1 rem (0.01Sv) and/or Emergency Response Planning Guide ERPG-2.” • To grant approval, a DOE Program Secretarial Officer/NNSA Administrator can invoke specific requirements in individual contracts for specific accelerators or accelerator modules
Issues Raised by Using Unique Nuclear Directives and Unique Accelerator Directives at the Same Facility • Communication difficulties due to terminology could exist at the same facility • Similar terms such as commissioning or hazards analysis invoke different actions • Different terms such as Limiting Condition for Operations or Authorized Alternative invoke the same actions • 10 CFR 830 cannot be applied to accelerator operations by law whereas it is applicable at nuclear facilities • Accelerator facilities primarily guard against beam hazards; nuclear facilities primarily guard against uncontrolled radioactive material releases • By their nature, the hazards in accelerators are unique in many ways: • In fission, the energy source and inventory are intimately coupled (e.g. in the core), the time scales for accidents are fairly short, and accident protection and mitigation are more viable than accident prevention (e.g., decay heat, prompt critical on fast neutrons…) • In accelerators, the energy sources and the radiation beams are separate, there is a strong ability for accident prevention by using engineered controls such as interlocks, and the inherent time scales to provide protection or mitigation are generally longer