Class 1 SG D 01

AERB SAFETY GUIDE NO.
AERB/NPP-PHWR/SG/D-1
SAFETY CLASSIFICATION AND SEISMIC CATEGORISATION FOR STRUCTURES, SYSTEMS AND COMPONENTS OF PRESSURISED HEAVY WATER REACTORS
Atomic Energy Regulatory Board Mumbai 400 094 India January 2003
Price:
Orders for this guide should be addressed to: The Administrative Officer Atomic Energy Regulatory Board Niyamak Bhavan Anushaktinagar Mumbai - 400 094 India
FOREWORD
Activities concerning establishment and utilisation of nuclear facilities and use of radioactive sources are to be carried out in India in accordance with the provisions of the Atomic Energy Act, 1962. In pursuance of the objective to ensure safety of members of the public and occupational workers as well as protection of environment, the Atomic Energy Regulatory Board has been entrusted with the responsibility of laying down safety standards and framing rules and regulations for such activities. The Board has, therefore, undertaken a programme of developing safety standards, codes of practice and related guides and manuals for the purpose. These documents cover aspects such as siting, design, construction, operation, quality assurance, decommissioning and regulation of nuclear and radiation facilities. Codes of practice and safety standards are formulated on the basis of internationally accepted safety criteria for design, construction and operation of specific equipment, systems, structures and components of nuclear and radiation facilities. Safety codes establish the objectives and set minimum requirements that shall be fulfilled to provide adequate assurance for safety. Safety guides elaborate various requirements and furnish approaches for their implementation. Safety manuals deal with specific topics and contain detailed scientific and technical information on the subject. These documents are prepared by experts in the relevant fields and are extensively reviewed by advisory committees of the Board before they are published. The documents are revised, when necessary, in the light of experience and feedback from users as well as new developments in the field. The Code of Practice on Design for Safety in Pressurised Heavy Water Based Nuclear Power Plants (AERB/SC/D, 1989) lays down the minimum requirements for ensuring adequate safety in nuclear power plant design. This Safety Guide is one of a series of guides, which have been issued or are under preparation, to describe and elaborate the specific parts of the Code. The Guide is based on the current designs of 220 MWe and 540 MWe Pressurised Heavy Water Reactors (PHWRs). It provides guidance for safety classification and seismic categorisation of the structures, systems and components of PHWRs. It provides necessary information to assist personnel and organisations participating in the design of PHWRs in assigning the required levels of importance to various structures, systems and components. In drafting the Guide, the relevant International Atomic Energy (IAEA) documents under the Nuclear Safety Standards (NUSS) programme, especially the Safety Guide on Safety Functions and Component Classification for BWR, PWR and PTR (No.50-SG- D1, 1979) and International Electrotechnical Commission, International Standard IEC 1226, 1993 have been used extensively.
Consistent with the accepted practice, shall, should and may are used in the Guide to distinguish between a firm requirement, a recommendation and a desirable option, respectively. Appendices are an integral part of the document, whereas annexures, footnotes, references/bibliography and lists of participants are included to provide information that might be helpful to the user. Approaches for implementation, different to those set out in the guide may be acceptable, if they provide comparable assurance against undue risk to the health and safety of the occupational workers and the general public and protection of the environment. For aspects not covered in this guide, applicable and acceptable national and international standards, codes and guides should be followed. Non-radiological aspects of industrial safety and environmental protection are not explicitly considered. Industrial safety is ensured through compliance with the applicable provisions of the Factories Act, 1948 and the Atomic Energy (Factories) Rules, 1996. This guide has been prepared by specialists in the field drawn from the Atomic Energy Regulatory Board, Bhabha Atomic Research Centre, Indira Gandhi Centre for Atomic Research and Nuclear Power Corporation of India Limited and other consultants. It has been reviewed by the relevant AERB Advisory Committee on Codes and Guides and the Advisory Committee on Nuclear Safety. AERB wishes to thank all individuals and organisations who have prepared and reviewed the draft and helped in its finalisation. The list of persons, who have participated in this task, along with their affiliations, is included for information.
(Suhas P. Sukhatme) Chairman, AERB
ii
DEFINITIONS
Acceptable Limits Limits acceptable to the Regulatory Body for accident condition or potential exposure. Accident Conditions Substantial deviations from Operational States which could lead to release of unacceptable quantities of radioactive materials. They are more severe than anticipated operational occurrences and include Design Basis Accidents as well as Beyond Design Basis Accidents. Anticipated Operational Occurrences An operational process deviating from normal operation which is expected to occur during the operating lifetime of a facility but which, in view of appropriate design provisions, does not cause any significant damage to Items Important to Safety nor lead to Accident Conditions. Decay Heat The heat produced by the decay of radioactive nuclides. Design Basis Events (DBE) The set of events, that serve as part of the basis for the establishment of design requirements for systems, structures and components within a facility. Design Basis Events (DBEs) include normal operation, operational transients and certain accident conditions under postulated initiating events (PIEs) considered in the design of the facility. Diversity The presence of two or more different components or systems to perform an identified function, where the different components or systems have different attributes so as to reduce the possibility of common cause failure.
iii
Items Important to Safety The items which comprise: those structures, systems, equipment and components whose malfunction or failure could lead to undue radiological consequences at plant site or off-site; those structures, systems and components which prevent Anticipated Operational Occurrences from leading to Accident Conditions; and those features which are provided to mitigate the consequences of malfunction or failure of structures, systems, equipment or components.
Normal Operation Operation of a plant or equipment within specified operational limits and conditions. In case of nuclear power plant this includes start-up, power operation, shutting down, shutdown state, maintenance, testing and refuelling. Nuclear Power Plant A nuclear reactor or a group of reactors together with all the associated structures, systems, equipment and components necessary for safe generation of electricity. Operating Basis Earthquake (OBE) An earthquake which, considering the regional and local geology and seismology and specific characteristics of local sub-surface material, could reasonably be expected to affect the plant site during the operating life of the plant. The features of nuclear power plant necessary for continued safe operation are designed to remain functional, during and after the vibratory ground motion caused by this earthquake. Operational States The states defined under Normal Operation and Anticipated Operational Occurrences. Performance The effectiveness with which an intended function is carried out.
iv
Postulated Initiating Events (PIE) Identified events during design that lead to anticipated operational occurrence or accident conditions, and their consequential failure effects. Protection System A part of Safety Critical System which encompasses all those electrical, mechanical devices and circuitry, from and including the sensors upto the input terminals of the safety actuation system and the safety support features, involved in generating the signals associated with the safety tasks. Quality The totality of features and characteristics of an item or service that bear on its ability to satisfy stated or implied needs. Quality Assurance Planned and systematic actions necessary to provide adequate confidence that an item or service will satisfy given requirements for quality. Redundancy Provision of alternative structures, systems, components of identical attributes, so that any one can perform the required function regardless of the state of operation or failure of any other. Safe Shutdown Earthquake (SSE) The earthquake which is based upon an evaluation of the maximum earthquake potential considering the regional and local geology and seismology and specific characteristics of local sub-surface material. It is that earthquake which produces the maximum vibratory ground motion for which certain structures, systems and components are designed to remain functional. These structures, systems, and components are those which are necessary to assure; (1) (2) The integrity of the reactor coolant pressure boundary; or The capability to shutdown the reactor and maintain it in a safe shutdown condition; or
(3)
The capability to prevent the accident or to mitigate the consequences of accidents which could result in potential off-site exposures higher than the limits specified by the Regulatory Body; or The capacity to remove residual heat.
(4)
Safety (Nuclear Safety) The achievement of proper operating conditions, prevention of accidents or mitigration of accident consequences, resulting in protection of site personnel, the public and the environment from undue radiation hazards. Safety Action An action initiated by a protection system and completed by safety actuation system with the help of safety support system to accomplish a safety task. Safety Actuation System A part of safety critical system which encompasses all equipment required to accomplish the required safety action when initiated by the protection system. Safety Function A specific purpose, that must be accomplished for safety. Safety System (Safety Critical System) Systems important to safety, provided to assure that, under anticipated operational occurrences and accident conditions, the safe shut down of the reactor followed by heat removal from the core and containment of any radioactivity, is satisfactorily achieved (Examples of such systems are: shutdown systems, emergency core cooling system and containment isolation system). It is also called as Safety Critical System. Safety Support System Part of safety systems which encompass all equipment that provide services such as cooling, lubrication and energy supply (pneumatic or electric) required by the protection system and safety actuation systems.
vi
Single Failure A random failure, which results in the loss of capability of a component to perform its intended safety function. Consequential failures resulting from a single random occurrence are considered to be part of the single failure. Ultimate Heat Sink The atmosphere or a body of water or the ground water to which part or all of the residual heat is transferred during normal operation, anticipated operational occurrences or accident conditions.
vii
SPECIAL DEFINITIONS
(Specific for the present guide) Blind LOCA Blind LOCA is said to have occurred where leak from the break in the reactor coolant pressure boundary exceeds the capacity of the make-up system, but the leak rate is such that the LOCA conditioning signal (high building pressure) does not become effective, resulting in non-automatic actuation of intermediate pressure injection of ECCS. Equipment One or more parts of a system. An item of equipment is a single definable (and usually removable) element or part of a system. Function A specific purpose or objective to be accomplished, that can be specified or described. Functionality A qualitative indication of the range or scope of the functions that a system or item of equipment can carry out. A system that can carry out many complex functions has a high functionality; a system that can carry out only a few simple functions has a low functionality. Significant Sequence A credible series or set of events that would result in unacceptable consequences such as: unacceptable radioactive release at the site or into the wider environment. This might be either a massive, uncontrolled release at a frequency that is outside the NPP design basis, or release at a frequency that is within the design basis but exceeding specified magnitude and/or frequency limits; unacceptable fuel damage. There might be damage to the fuel clad that leads to an unacceptable increase in the activity of the primary coolant, or structural damage to the fuel that impairs the ability to cool it.
viii
CONTENTS
FOREWORD ................ i
DEFINITIONS .......... iii SPECIAL DEFINITIONS ............................................................................. viii 1. INTRODUCTION ............................. 1.1 General ................. 1.2 Objective ............... 1.3 Scope ..... BASIS OF SAFETY CLASSIFICATION .......... SAFETY FUNCTIONS ......... 3.1 General ................. 3.2 List of Safety Functions ........ METHODOLOGY OF ASSIGNMENT OF SAFETY CLASS . 1 1 1 1 2 3 3 3 6
2. 3.
4. 5.
THE SAFETY CLASSES ...... 8 5.1 General .............. 8 5.2 Civil Structures and Mechanical Equipment. 8 5.3 Electrical ...................... 12 5.4 Instrumentation and Control ........ 13 SEISMIC CATEGORISATION ..... 6.1 General .. 6.2 Earthquake Levels ................ 6.3 Categorisation ....... 6.4 Special Requirements ........................................................ DESIGN REQUIREMENTS ..................... 7.1 General .............................................................................. 7.2 Civil structures ............. 7.3 Mechanical Structures, Systems and Components ...... 7.4 Electrical Equipment/Components ............... 7.5 Design Requirements for I&C Equipment/Components ...... TYPICAL CLASSIFICATION 18 18 18 18 19 21 21 21 22 22 23 26
6.
7.
8.
TABLE-1 TABLE-2
: CIVIL ENGINEERING STRUCTURES .........
27
: MECHANICAL STRUCTURES, SYSTEMS AND COMPONENTS ................................................ 30 : ELECTRICAL SYSTEMS/COMPONENTS ....... 38 : INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS ...............
TABLE-3 TABLE-4
46
ANNEXURE-I
: TYPICAL LIST OF STANDARDS FOR CIVIL ENGINEERING STRUCTURES ................ 59
ANNEXURE-II : TYPICAL LIST OF CODES FOR MECHANICAL STRUCTURES, SYSTEMS AND COMPONENTS ...
60
ANNEXURE-III : TYPICAL LIST OF CODES AND STANDARDS FOR ELECTRICAL SYSTEMS/COMPONENTS .................. 61 ANNEXURE-IV : TYPICAL LIST OF STANDARDS FOR I&C SYSTEMS/COMPONENTS ................... 62 REFERENCES ............. 63 BIBLIOGRAPHY .................... 64
LIST OF PARTICIPANTS ........ 65 WORKING GROUP ............ 65
ADVISORY COMMITTEE ON CODES, GUIDES AND ASSOCIATED MANUALS FOR SAFETY IN DESIGN OF NUCLEAR POWER PLANTS (ACCGD) ................................................ 66 ADVISORY COMMITTEE ON NUCLEAR SAFETY (ACNS) .... 67
PROVISIONAL LIST OF SAFETY CODE, GUIDES AND MANUAL ON DESIGN OF PRESSURISED HEAVY WATER REACTORS ...... 68
1. INTRODUCTION
1.1 General AERB Code of Practice on Design for Safety in Pressurised Heavy Water Based Nuclear Power Plants, AERB/SC/D, 1989 [1] hereinafter referred as the Code, establishes the criteria for design approaches and design requirements for Pressurised Heavy Water Reactors (PHWRs) that shall be met for safe operation and prevention of an accident or mitigation of the consequences of Design Basis Events (DBEs) which could jeopardise safety. This safety guide aims to classify the structures, systems and components (SSCs) according to their importance to safety. The resulting classification determines the relevant design criteria, which are measures of quality by which the adequacy of each SSC, in relation to its importance to plant safety, is ensured. 1.2 Objective The classification of SSCs into various categories is carried out after identification of their significance in ensuring safety of the Nuclear Power Plant (NPP). Safety of NPP is achievement of proper operating conditions, prevention of accidents and mitigation of accident consequences for the protection of site personnel, the public and the environment against undue radiation hazard. 1.3 Scope This safety guide describes the classification procedure for the SSCs according to their importance to safety. The procedure followed for this purpose is to identify various safety functions required to be performed in an NPP to achieve safety. These safety functions are then grouped and ranked into safety classes taking into consideration the consequences of failure of the safety function performed by the SSC and the probability of its occurrence. Appropriate design requirements for each safety class are established with the most stringent requirements specified for the highest class and so on. Quality Assurance (QA) requirement is determined by AERB Code of Practice on Quality Assurance for Safety in Nuclear Power Plants, AERB/SC/QA, 1988 [2]. As per 1.3.1 of this code, the extent of its application shall be consistent with the importance of the items to safety and its conformance with the classification of these items. This guide also covers the seismic categorisation of SSCs as per AERB code of practice on Safety in Nuclear Power Plant Siting, AERB/SC/S, 1990 [3]. 1
2. BASIS OF SAFETY CLASSIFICATION

2.1 The fundamental objective of safety is to take all practicable measures to: (a) (b) prevent accidents; and mitigate the consequences of accidents, should they occur, so that: (i) (ii) likelihood of accidents with serious radiological consequences is extremely low, and radiological consequences would be below acceptable limits in case an accident occurs.
2.2
One way of achieving the above objective can be to assign equal importance to all the SSCs of the NPP and design them by adopting the most stringent codes and standards available. However, such an approach is not a good engineering practice and has its own limitations. Another approach may be to grade the SSCs according to the role played by them in the measures to control radiological hazards in an NPP and classify them. Based on the classification, their design requirements can be accordingly established without compromising the overall safety objective. This is achieved by identifying the different safety functions performed by individual SSCs in terms of their role in achieving the safety objective. The procedure adopted is to identify the various safety functions to be performed in an NPP to achieve safety. These safety functions are then grouped and ranked into safety classes, taking into consideration the consequences of failure of the safety function performed by SSC and the probability of occurrence of a failure. In addition to above, the procedures for handling severe accident conditions also make use of available process systems. Such process systems (e.g., fire water back up to process water for selected heat exchangers) will be classified as per their normal function and not for severe accident use conditions. Safety functions and their ranking methodology are further elaborated in sections 3 and 4.
2.3
24 .
25 .
3. SAFETY FUNCTIONS
3.1 General In NPPs, SSCs perform various functions. Certain functions amongst these are concerned with the need to limit radiation exposure to the public and to the site personnel in all operational states and accident conditions. These safety functions include those necessary to prevent accident conditions and also those necessary to mitigate the consequences of accident conditions. They can be accomplished, as appropriate, using SSCs provided for: normal operation (e.g., a sound primary heat transport system boundary prevents accidents); preventing anticipated operational occurrences from leading to accident conditions (e.g., primary heat transport system pressure relief valves); and mitigating the consequences of accident conditions (e.g., emergency core cooling system).
3.2
List of Safety Functions A list of safety functions, performed by various SSCs, is given below. For classification, each SSC is identified with related safety functions in this list. The serial designation (a, b, c, etc.) assigned to the safety functions below are referred to later at various places in this guide for reference purposes. (a) (b) (c) To prevent unacceptable reactivity transients. To maintain the reactor in a safe shutdown condition after all shutdown actions. To shut down the reactor as required to prevent anticipated operational occurrences from leading to accident conditions and to shutdown the reactor to mitigate the consequences of accident conditions (see also (d)). To shut down the reactor on sensing a loss-of-coolant accident. To maintain sufficient reactor coolant inventory for core cooling during and after all operational states.
(d) (e)
(f) (g) (h) (i)
To remove heat from the core1 after a failure of the reactor coolant pressure boundary in order to limit fuel damage. To remove decay heat during1 appropriate operational states and accident conditions with the reactor coolant pressure boundary intact. To transfer heat from other systems to the ultimate heat sink2 . To ensure necessary services (e.g., electric, pneumatic, hydraulic power supplies, lubrication) as a support function for the safety systems. To maintain acceptable integrity of the cladding of the fuel in the reactor core. To maintain the integrity of the reactor coolant pressure boundary. To limit the release of radioactive material from the reactor containment during and after an accident. To keep the radiation exposure of the public and site personnel within acceptable limits during and after accident conditions that release radioactive materials from sources outside the reactor containment. To limit the discharge or release of radioactive waste and airborne radioactive material below the prescribed limits during all operational states. To control environmental conditions within the nuclear power plant for operation of safety systems and for personnel habitability necessary to allow performance of operations important to safety. To control radioactive releases from irradiated fuel transported or stored outside the reactor coolant system, but within the site, during all operational states. To remove decay heat from irradiated fuel stored outside the reactor coolant system, but within the site. To maintain sufficient sub-criticality of the fuel stored outside the reactor coolant system but within the site3 .
(j) (k) (l) (m)
(n)
(o)
(p)
(q) (r)
1 This safety function applies to the first step of the heat removal system(s). The remaining step(s) are encompassed in safety function (h). 2. This is a support function for safety critical systems and safety related systems when they are required to perform their safety functions (e.g. process water getting cooled by process water cooling system). 3 This does not apply to natural/depleted fuel but could be applied to use of advanced fuel in PHWR.
(s)
To prevent the failure or limit the consequences of failure of a component or structure which would cause the impairment of a safety function. To provide information and control capabilities for specified manual actions required to mitigate the consequences of a DBE and prevent it from leading to a significant sequence. To continuously monitor the systems to accomplish their protective and mitigating safety functions or to alert the control room staff of failures in these systems. To control the plant so that the process variables are maintained within the limits assumed in the safety analysis. To limit the consequences of events such as a fire or flood.
(t)
(u)
(v) (w)
4. METHODOLOGY OF ASSIGNMENT OF SAFETY CLASSES

4.1 It is possible to group the safety functions into safety classes. Each safety class contains safety functions with similar degree of importance for maintenance of safety. The safety classes are then ranked according to their importance in safety. From a safety point of view, accidents with a large potential for increase in radiation exposure should have a low probability of occurrence, whereas accidents with a small potential may have a higher probability. Based on this objective, the three factors required to assign safety class are: the probability that the safety function would be required; the probability that the safety function would not be accomplished when required; and the consequence of failure of required safety function resulting in radiation exposure.
4.2
The product of these factors must be acceptably low. When analyses indicate that this product is beyond acceptable range, design modifications and/or administrative measures are taken to reduce it. Sometimes it is possible to reduce the consequences of failure to achieve an acceptable result. For example, radioactive material in the waste treatment systems may be stored in several small tanks rather than in one large tank, to minimise the radioactivity release if the tank were to fail. Other standard methods to strengthen the design, as stipulated in the code include redundancy, diversity, plant layout, use of proven equipment, in-service inspection, and use of recognised codes and standards. The above methodology requires the determining of the probability of requirement of safety function and its successful accomplishment. However, in the absence of results of probabilistic studies, the technical judgement of experts with proper justification may be acceptable. 4.3 With the safety classes of the SSCs so evolved, these SSCs need to meet the stringent design requirements corresponding to the safety function expected of them. The term design requirements can be broadly interpreted and includes such considerations as design, quality, fabrication and inspection (pre-service and in-service inspection). These requirements are applied to
the individual components necessary to perform the safety functions grouped into each safety class. The probability of component failure is affected by the design requirements established for that component, i.e., the more stringent the design requirements, the smaller will be the probability that the safety function would not be accomplished by that component when required. Consequently, the highest ranked safety functions and the safety class into which they are placed have the most stringent design requirements. Thus, the purpose of establishing safety classes is to provide a stepwise hierarchy of design requirements. It would, of course, be possible to establish design requirements corresponding to each safety function. The international practice is to limit the safety classes to a practical number of three or four classes in the context of design requirements. By using these safety classes as hierarchical steps as referred to above, a useful gradation in design requirements can be established on the basis of their relative importance to safety. Fewer classes would result in over-stringent design requirements for satisfying certain safety functions (those of less importance to safety within a class).
5. THE SAFETY CLASSES

5.1 General As discussed above, SSCs are classified according to their importance to safety. For this purpose, the list of safety functions given in section 3.2 is utilised. This list forms the basis for determining one or more safety functions performed by the SSC. When a component performs two or more safety functions, it shall be classified as per the safety function most important to safety. An appropriate order of importance to safety of each function is then assessed as applicable to civil, mechanical, electrical and instrumentation and control (I&C) components and is given below. Using the order of importance assigned to each safety function, the safety functions are further grouped in a limited number, called safety classes. While the criteria of classification for all civil, mechanical, electrical and I&C SSCs are same (i.e., radiological consequences on probable failure of SSC), there are fine differences in the classification approach for these disciplines. Systems or portions of systems of different safety classes should be connected through appropriate interface devices. Each interface device should have the same safety class as the higher safety class system to which it is connected. 5.2 Civil Structures and Mechanical Equipment Having established the safety function for a particular SSC and weighed it against the consequences of failure of that safety function, and the frequency of requirement of the safety function, it is grouped in different safety classes according to its importance to safety. To explain the above let us, as an example, classify the mechanical component of primary heat transport (PHT) system and emergency core cooling system (ECCS). The safety function (k) for PHT system is to maintain the integrity of the reactor coolant pressure boundary while safety function (f) for ECCS it is to remove the heat from the core after a failure in reactor coolant pressure boundary. The radiological consequences of failure of both the safety functions are high. However, while PHT system pressure boundary is required to play its safety function (k) at all times during reactor operation, the frequency of requirement of safety function (f) performed by ECCS is low. Also, the probability that the safety function would not be established when required by ECCS is reduced by employing redundancy, testing, etc. Considering all these factors PHT system can be classified as a class superior to that for ECCS. The concept of defence in depth also has the same objective in this context. In the above example, safety function (f) is required only when safety function (k) fails. So in the
ranking of defence in depth, safety function (k) gets higher classification than safety function (f). In other words, the preventive function gets a higher ranking vis-a-vis the mitigating function. 5.2.1 Safety Class 1 The SSCs required to perform the safety functions necessary to prevent the release of a substantial fraction of core fission product inventory to the containment/environment are classified as safety class 1. Safety class 1 includes the following: (i) Those components that comprise the reactor coolant system pressure boundary. safety function (k). Excluded from safety class 1 are those fluid systems components that are part of the reactor coolant pressure boundary, the failure of which would result in a loss of reactor coolant within the make-up capacity of normally operating coolant inventory control systems to maintain a coolant inventory sufficient for an orderly cooldown following a shutdown. (ii) Those components necessary to shut down the reactor following a loss of coolant accident. This is of particular importance to PHWRs, where the void coefficient is positive, causing increase in power. safety function (d). 5.2.2 Safety Class 2 The SSCs that perform the safety function necessary to mitigate the consequences of an accident which would otherwise lead to release of substantial fraction of the core fission product inventory or activation product inventory into the environment are classified as safety class 2. The consequences of failure of these safety class 2 safety functions need only be considered after an initial failure of another safety function. Safety class 2 also includes those safety functions necessary to prevent anticipated operational occurrences from leading to accident conditions; and those safety functions whose failure under certain plant conditions may result in severe consequences, e.g., failure of decay heat removal system. Safety class 2 thus generally includes components performing the following safety functions:
(i)
Those components that are part of the reactor coolant system pressure boundary not in safety class 1. safety function (k) To remove heat from the core after a failure of the reactor coolant system pressure boundary for limiting fuel damage. safety function (f)
(ii)
(iii)
To remove decay heat during appropriate operational states and accident conditions, with the reactor coolant pressure boundary intact. safety function (g)
(iv)
To limit the release of radioactive material from the reactor containment during and after accident conditions. safety function (l)
Hence, containment building, associated Engineered Safety Features (ESFs) 4 and containment isolation features fall under safety class 2 . 5.2.3 Safety Class 3 SSCs required to perform a support role to safety functions in safety classes 1, 2 and 3 are classified as safety class 3. They include: Those safety functions necessary to prevent radiation exposure to the public or site personnel from exceeding the relevant acceptable limits from sources outside the reactor coolant system. Those safety functions associated with reactivity control on a slower time-scale than the reactivity control functions in safety classes 1 and 2. Those safety functions associated with decay heat removal from spent fuel stored outside the reactor coolant system and with maintaining sub-criticality of fuel stored outside the reactor coolant system.
Safety class 3 also includes those components that are required to: (i) Prevent unacceptable reactivity transients. safety function (a)
4 This may be achieved by a combination of the containment envelope and the use of
components that perform one or more of the following functions : (i) limit leakage from the containment envelope; (ii) reduce the pressure and temperature of the environment inside on the containment envelope during and after accident conditions; and (iii) remove radioactive materials from, and control the hydrogen concentration of, the containment atmosphere during and after accident conditions.
10
(ii)
Maintain the reactor in a safe shutdown condition after all shutdown actions. safety function (b) Maintain sufficient reactor coolant inventory for core cooling during and after all operational states. safety function (e) Transfer heat from other safety systems to the ultimate heat sink. safety function (h)
(iii)
(iv)
(v)
Ensure necessary support services (e.g., electrical, pneumatic, hydraulic, power supplies, lubrication) as a support function for a safety system. safety function (I) Keep the radiation exposure to the public and site personnel within acceptable limits during and after accident conditions that release radioactive materials from sources outside the reactor containment. safety function (m)
(vi)
(vii)
Maintain control of environmental conditions within the nuclear power plant for the operation of safety systems and for personnel habitability necessary to allow performance of operations important to safety. safety function (o) Control of radioactive releases from the spent fuel transported or stored outside the reactor coolant system, but within the site, during all operational states. safety function (p) Remove decay heat from irradiated fuel stored outside the reactor coolant system but within the site. safety function (q) Maintain sufficient sub-criticality of fuel stored outside the reactor coolant system. safety function (r) Limit the discharge or release of radioactive waste and airborne radioactive material below prescribed limits during all operational states and if they failed, would result in the exposure of the public or site personnel in excess of prescribed limit. (e.g., D2O leakage collection, D2O addition and transfer system etc.) safety function (n) 11
(viii)
(ix)
(x)
(xi)
5.2.4
Safety Class 4 The SSCs which incorporate safety functions that do not fall within safety classes 1, 2 or 3. Safety class 4 includes those components that are necessary to limit the discharge or release of radioactive waste and airborne radioactive material below prescribed limits during all operational states and would not result in the exposure of the public or site personnel in excess of prescribed limit, even if they failed. (e.g., PHT and moderator deuteration and dedeuteration system, D2O clean up system etc) safety function (n)
5.2.5
Not Important to Nuclear Safety (NINS) Class This class includes all other systems which are not associated with any of the safety functions listed above and designed as per industrial standards. These are included in the tables in Appendix for the sake of complete information.
5.3
Electrical Electrical power systems, electrical power system equipment and electrical components of process equipment are classified into two main safety classes. All systems and equipment, important to safety , are classified as safety class EA. Equipment/components which are not important to safety but have to meet special requirements relating to radiation and/or seismic conditions are classified as safety class EB. Details of classification are given below.
5
5.3.1
Safety Class EA Safety class EA electrical systems and equipment are those that are essential for: reactor shutdown and maintaining it in shutdown state, containment isolation, emergency core cooling, decay heat removal, containment heat removal (emergency fan coolers), and
5 Unlike in civil or mechanical systems, SSS in electrical system required for preventing or mitigating accidents are classified as EA.
12
other items essential in preventing significant release of radioactive materials into the environment.
Safety class EA includes class I, class II and class III electrical auxiliary power supply systems, which provide power to essential auxiliaries even after failure of normal class IV power supply. 5.3.2 Safety Class EB Electrical equipment/components that do not perform safety related functions (e.g., primary circulating pump motors, reactivity device motors, primary shutdown system motors, etc.,) but have certain special requirements are classified as EB. These equipment/components may be required to operate in a radiation environment under normal station operation conditions and should be designed to withstand the expected level of seismic acceleration, depending on the requirements of the related process equipment. 5.3.3 Not Important to Nuclear Safety (NINS) Class This class includes all other systems, which are not associated with any of the safety functions listed above and designed as per industrial standards. These are included in tables for the sake of complete information. 5.4 5.4.1 Instrumentation and Control (I&C) Pressure Boundary Part The safety classes 1 to 4 as per section 5.2 mentioned for the process systems are directly applicable to portions of I&C systems forming part of the system pressure-boundary. The safety classification applicable for mechanical design of the pressure boundary components is as follows: (i) (ii) In-line items like venturies and thermowells should have the same safety class as the corresponding process system. Instrument tubes are generally within the capacity of the inventory make up system. For these tubes, the safety classification should be same as the corresponding process system but limited maximum to the requirement of safety class 2. (refer 5.2.1(i)). Pressure retaining parts of sensors (e.g., bourden tube of pressure gauge or sensing element, chambers of DP transmitter) can be as per the manufactures standard design. A model with pressure/ temperature ratings higher than the maximum process pressure and
(iii)
13
temperature conditions should be chosen for the application. Also, any special requirement to meet the intended safety function should be specifically provided as a requirement in the specification for the equipment. 5.4.2 Remaining portions of I&C The safety classification of the I&C portion not forming direct part of pressure boundary in the process system is based on the standards of the International Electrotechnical Commission; IEC-1226 [4]. SSCs of I&C are classified in three safety classes: IA, IB and IC and are described below. 5.4.2.1 Safety Class IA Safety class IA is assigned to those SSCs which perform a principal role in the achievement or maintenance of safety. These SSCs prevent DBEs from leading to a significant sequence of events, or mitigate6 the consequences of DBEs. The required safety functions may be accomplished by class IA SSCs either automatically or via manual actions, provided such actions are within the capabilities of human operators safety class IA is also assigned to those SSCs whose failure could directly cause a significant sequence of events. Class IA SSCs have high availability requirements and are normally limited in their functionality, so that their availability can be guaranteed. An I&C SSC shall be assigned to class IA if it meets the following criteria: (i) It is required to mitigate the consequences of a DBE to prevent it from leading to a significant consequence; (e.g., shutdown systems) (safety function c, d, b) (ii) Its failure when required to operate in response to a DBE could result in a significant sequence of events; (e.g., instrumented relief valves on PHT) (safety function k) A fault or failure in the SSC would not be mitigated by another class IA SSC, and would lead directly to a significant sequence of events; (e.g., containment isolation) (safety function l)
(iii)
6 The difference here with respect to mechanical or civil structures may be noted. Certain functions of I & C which mitigate the consequences of DEBs form part of the highest class.
14
(iv)
It is required to provide information and control capabilities that allow specified manual actions to be taken to mitigate the consequences of a DBE to prevent it from leading to a significant sequence. (e.g., blind LOCA , leak from F/M) (safety function t)
5.4.2.2 Safety Class IB Safety class IB is assigned to those SSCs that perform a complementary role to class IA SSC in the achievement or maintenance of safety. The operation of a class IB SSC may avoid the need to activate a class IA SSC. Class IB SSC may improve or complement the execution of a class IA SSC in mitigating a DBE, so that the plant or equipment damage or activity release may be avoided or minimised. Those SSCs are assigned to class IB whose failure could initiate or worsen the severity of a DBE. Because of the presence of class IA SSCs which provide for the ultimate prevention or mitigation of DBEs, the safety requirements for class IB SSCs need not be as high as those for class IA SSCs. This allows, if necessary, the class IB SSC to be of higher functionality than class IA SSCs in their method of detecting the need to act or in their subsequent actions. An I&C SSC shall be assigned safety class IB if it falls within any of the following criteria and is not otherwise assigned to safety class IA: (i) It controls the plant so that process variables are maintained within the limits assumed in the safety analysis; (e.g., automatic control of the reactor primary and secondary circuit conditions, reactor control system). (safety function v, a) A requirement for operation of a class IA SSC in order to avoid a significant sequence of events which would result from faults or failures of the (class IB) SSC; (e.g., poison control, set back, storage tank level measurement). (safety function a, e) It is used to prevent or mitigate a minor radioactive release, or minor degradation of fuel, within the design basis, but of less importance than a significant sequence of events; (e.g., fuel failure monitoring, dry transfer during spent fuel transfer in fuel transfer system). (safety function p) (iv) It is provided to alert the control room staff to failure in class IA SSC. (safety function u) 15
(ii)
(iii)
(v)
It is provided to monitor continuously the availability of class IA SSCs for accomplishing their safety duties. (safety function u) It is used to reduce considerably the frequency of a DBE as indicated in the safety analysis. (e.g., set back or step back function). (safety function j)
(vi)
5.4.2.3 Safety Class IC Safety class IC includes those SSCs that have some safety significance, but are not assigned to safety class IA or IB. They can be part of the total response to an accident but not be directly involved in mitigating the consequences of the accident. An I&C SSC shall be assigned to safety class IC if it is not otherwise assigned to safety class IA or IB and if: (i) It is used to reduce the expected frequency of a DBE; (e.g., manual poison addition system). (safety function b) It is used to reduce the demands on, or to enhance the performance of, class IA SSC; (e.g., leakage collection system, main feed flow control). (safety function e, v) It is used for the surveillance or recording of conditions of SSC, to determine their safety status (fit for operation, operating, failed or inoperative), especially those whose malfunction could cause a DBE; (e.g., level monitoring of suppression pool, position monitoring systems of fuel handling system) (safety function l & u) It is used to monitor and take mitigating action following internal hazards (e.g., fire, flood etc.,) within the design basis (e.g., fire alarm system) (safety function w) It is used to ensure personnel safety during or following events that involve or result in release of radioactivity, or in risk of radiation exposure; (e.g., RADAS) ( safety function u)
(ii)
(iii)
(iv)
(v)
16
(vi)
It is used to warn personnel of a significant release of radioactivity or of a risk of radiation exposure. (e.g., beetles, heavy water leak detection) (safety function u) It is used to monitor and take mitigating action following natural events such as seismic, disturbance, extreme wind. (e.g., seismic alarm instrument). (safety function w) It is used for internal access control. (safety function o)
(vii)
(viii)
5.4.2.4 Not Important to Nuclear Safety (NINS) Class This class includes all other systems which are not associated with any of the safety functions listed above and are designed as per industrial standards. These are included in tables for the sake of complete information.
6. SEISMIC CATEGORISATION
17
6.1
General AERB Code of Practice on Safety in Nuclear Power Plant Siting (AERB/SC/S) stipulates that structures, systems and components necessary to assure capability for shut down, decay heat removal and confinement of radioactive material shall be designed to remain functional throughout the plant life in the event of natural phenomenon such as earthquakes, cyclones and floods. This section explains the basis of seismic categorisation.
6.2
Earthquake Levels As per the siting code AERB/SC/S, following two earthquake levels have been defined: (1) (2) S1 level earthquake; and S2 level earthquake.
The S1 level is the maximum ground motion, which can be reasonably expected to be experienced at the site area once during the operating life of the nuclear power plant with an estimated return period of about 100 years. In the design, the S1 level ground motion corresponds to Operating Basis Earthquake (OBE). The S2 level is the level of ground motion that has a very low probability 7 of being exceeded. It represents the maximum level of ground motion to be used for design of SSCs important to safety. In the design, the S2 level ground motion corresponds to the Safe Shutdown Earthquake (SSE). 6.3 Categorisation SSCs are to be categorised in three seismic categories. 6.3.1 Seismic category-1 Seismic category-1 shall include all SSCs: (i) (ii) whose failure could directly or indirectly cause accident conditions, or which are required for shutting down the reactor, monitoring critical parameters, maintaining it in a safe shutdown condition and removing decay heat on a long term basis, or
The mean return period is estimated to be typically, 10000y .
18
(iii)
which are required to prevent radioactive release or to maintain release below limits established by AERB for accident conditions (e.g., containment system).
As a conservative measure, it is recommended to include those items in category1, which are designed to mitigate the consequences of design basis accidents resulting from failure in primary pressure boundary, despite the fact that the latter is designed to withstand earthquake loads. All seismic category-1 structures, systems and components should be designed or qualified for both S1 (OBE) and S2 (SSE) (ref. AERB safety guide AERB/ SG/D-23 on Seismic Qualification). 6.3.2 Seismic Category-2 Seismic category-2 shall include all SSCs which are required to: (i) (ii) prevent the escape of radioactivity beyond the limits prescribed for normal operation and not covered in category-1; or mitigate those accident conditions which last for such long periods that there is a reasonable likelihood of an earthquake of the defined severity occurring during this period and not covered in category-1.
All seismic category-2 structures, systems, and components shall have demonstrated capability to withstand the effects of S1 (OBE). 6.3.3 Seismic Category-3 Seismic category-3 includes SSCs which are not important to safety and those not covered in category-1 or 2. Items under this category may follow national practice; for example, the civil structures under this category can be designed and built as per IS-1893[5]. 6.4 Special Requirements It is possible that certain SSCs, as a result of earthquake, will jeopardise the SSCs in a higher category due to collapse, falling or any other spatial interaction. Such SSCs should be determined by analysis, test or experience and classified in the same category as the endangered SSCs of a higher category; or the absence of collapse, or loss of function of lower category SSCs shall be demonstrated under the reference ground motion or be suitably protected so that they are not jeopardised as above.
19
Since only structural integrity needs to be assured for items reclassified because of their potential for jeopardizing the higher category SSCs, less rigorous seismic evaluation criteria may be used for the reclassified SSCs (ref. AERB/ SG/D-23 for their evaluation criteria). The inclusion of SSCs in category-1 or 2 shall be based on the functional requirements, which shall be assured for safety during or after an earthquake or after an accident not caused by an earthquake. According to their functions, parts of the same system may belong to more than one category. Leak tightness, degree of damage (fatigue, wear and tear, etc.), mechanical or electrical functional capability, maximum displacement, degree of permanent distortion, and preservation of geometrical dimensions are examples of aspects, which shall be considered. In case some SSCs fall partly under category-1 and partly under category-2, those SSCs should be placed under a higher seismic category.
20
7. DESIGN REQUIREMENTS
7.1 General At a very early stage in design of SSCs, the applicable codes, guides and standards should be identified commensurate with the different safety classes. Typical list of applicable design codes under each classification for civil, mechanical, electrical and I&C is given in Annexures I, II, III and IV. The design requirements as used in this context is intended to be broadly interpreted and include such considerations as mechanical design, quality, manufacture and inspection according to the requirements of the recognised codes, guides and standards and acceptable to AERB. On a cautionary note, attention is drawn to the fact that existing design codes and standards for the boundaries of fluid-retaining components may not cover all design requirements that must be satisfied, e.g., those concerned with corrosion, erosion, etc. Furthermore, adequate assurance of component reliability involves other considerations, such as overall quality assurance, in-service inspection, and environmental effects, which may not be covered in the existing, design codes and standards. For design requirements pertaining to seismic design the AERB safety guide on Seismic Qualification, AERB/SG/D-23 should be followed. 7.2 Civil Structures The civil engineering structures are classified into four design classes, depending on the design approach, requirements, and criteria: (a) (b) (c) (d) DC1: pressurised concrete reactor vessels (PCRVs) . DC2: containment structures. DC3: internal structures of reactor building, auxiliary and safety related balance of plant (BOP) buildings and structures. DC4: structures not important to safety.
8
The relationship of safety classes, design classes and the corresponding design approach, load combinations etc., are given in AERB Safety Standard on Civil Engineering Structures Important to Safety of Nuclear Facilities, AERB/SS/CSE, 1998 [6].
PCRVs are in use in Advanced Gas Cooled Reactors and not applicable to PHWRs.
However, this is listed here for the classification to be consistent with international codes.
21
7.3
Mechanical Structures, Systems and Components Design requirements for the various classes of components are given below. Typical list of design codes for designing mechanical SSC is given in Annexure-II. (a) Safety Class 1 The design requirements for safety class 1 shall be highest for the nuclear power plant components. (b) Safety Class 2 The design requirements for safety class 2 are less restrictive than those established for class1. (c) Safety Class 3 The design requirements for safety class 3 are less restrictive than those established for class 2 and are similar to those for class 4 with additional design requirements in recognition of importance to safety. (d) Safety Class 4 The design requirements for safety class 4 are to be consistent with the highest non-nuclear power plant codes and standards, with additional design requirements in recognition of importance to safety.
7.4
Electrical Equipment/Components (a) Safety Class EA The design of class EA systems/equipment/components should meet the requirements of AERB codes, Indian standards and other applicable codes of practice. Physical and electrical independence of redundant systems should be ensured. Single failure criteria should be considered in the design. Emergency power supply should be provided to loads that are important to safety. The requirements for Emergency Electrical Power Systems are given in the AERB Safety Guide on Emergency Electric Power Supply Systems for Pressurised Heavy Water Reactors, AERB/SG/D-11. (b) Safety Class EB Class EB systems/equipment/components should meet the requirements of applicable Indian standards and codes of practice. The equipment/components that are required to withstand radiation and/or seismic acceleration should be designed to withstand such conditions. 22
7.5 7.5.1
Design Requirements for I&C Equipment/Components Basic requirements The basic requirement to ensure functionality is the existence of clear, comprehensive and unambiguous functional requirements and design specifications against which the SSCs shall be checked during design, manufacture, installation, and service, and shall be used as reference for any in-service modifications. For design practices on computer-based systems, refer to AERB safety guide on Computer-based Systems, AERB/SG/D-25.
7.5.2
Specific requirements (a) Safety Class IA The design shall be according to the requirements of the recognised codes, guides and standards that are appropriate to ensure a high level of functionality essential for a safety class IA SSC. The design shall aim to ease verification by maintaining simplicity. This shall result in the exclusion of lower category functions from the SSC (for example, special display calculations and translation of communication protocols should not be carried out by safety system software). A class IA SSC shall have redundancy so that the single failure criterion is met as a minimum. Appropriate separation and/or segregation shall be employed to ensure that single internal hazards cannot disable redundant trains of the SSCs. Where common mode failures, such as software failure or human error, show limits on reliability of redundant SSCs, then diversity shall be provided for that SSC. The function concerned should then require two or more sub-SSCs, diverse from one another. The measures taken to ensure that Class IA SSCs continue to operate under all anticipated operating conditions shall include formal equipment qualification. The qualification of class IA equipment may be achieved using one, or a combination of several different methods- tests, analyses, a combination of these two, possibly by using available data from experience. For design practice on safety class IA, AERB safety guide on Safety Critical Systems, AERB/SG/D-10 should be referred.
23
(b)
Safety Class IB The design process shall be carried out by following appropriate recognised codes, guides and standards; or systems and equipment with a documented history of satisfactory operation in a similar application may be used. While it is desirable that an SSC in this category should have redundancy, this is not mandatory if the SSC can achieve its reliability targets without it. If redundancy is not provided, the SSC shall be systematically evaluated to identify single failures that can prevent its operation and the likelihood and safety consequences of these failures shall be analysed. Where the consequences of single failures are not acceptable because of the magnitude or frequency of their effect on safety, then redundancy shall be provided. Equipment in Safety class IB may require formal qualification. The worst anticipated environment in which the equipment is required to operate shall be established and stated in the requirements specification. The design of the equipment should be systematically reviewed with regard to this specification. Where the equipment is novel or is required to operate in conditions for which commercial equipment is not normally designed (such as a seismic event or extreme environmental conditions), a set of rules shall be established against which the equipment is designed, or an existing design is evaluated. These rules shall be based on experience gained on the special design requirements of class IA equipment and be acceptable to Regulatory Body. For design practice on safety class IB, AERB safety guide on Safetyrelated Instrumentation and Control for Pressurised Heavy Water Reactor Based Nuclear Power Plants, AERB/SG/D-20 should be referred.
(c)
Safety Class IC The design should be examined to verify that the systems and equipment are designed or tested to provide the specified functions under full range of operating conditions, including the most adverse anticipated conditions or occurrences. An SSC in this class does not generally need redundancy; if required, it may be provided so that the SSC achieves its specified reliability.
24
For class IC SSCs, where redundancy is necessary to achieve the specified availability/reliability, these should be assessed and redundancy considered as for class IB. Class IC equipment may be accepted as per normal commercial design standards unless the equipment requires special qualifications (e.g., seismic and fire prevention requirements, or to prevent over voltage or electrical noise in class IC SSCs from affecting class IA or IB SSCs).Consideration for their operation in abnormal environmental conditions shall be supported by documentary evidence. For design practice on safety class IC, AERB safety guide on Safetyrelated Instrumentation and Control for Pressurised Heavy Water Reactor Based Nuclear Power Plants, AERB/SG/D-20 should be referred.
25
8. TYPICAL CLASSIFICATION
8.1 Tables give classification arrived at on the basis of principles enumerated in this safety guide. Table-1: classification for civil items. Table-2: classification for mechanical items. Table-3: classification for electrical equipment. Table-4: classification for instrumentation and control (I&C). These classifications are generally indicative. The process of identification and categorisation can be worked out in the initial phases of design on these lines. The process of classification may continue iteratively during the design since the safety functions, redundancies provided in performing that function and other design features are detailed out.
26
TABLE-1: CIVILENGINEERING STRUCTURES

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS 1. REACTOR BUILDING 1.1 Containment structure l 2 1 SEISMIC CATEGORY
ICW, OCW, raft and dome, and any other room forming part of containment, e.g., ECCS room
1.2 1.3
Airlock barrels Internal structures including calandria vault REACTOR AUXILIARY/ STATION AUXILIARY BUILDING SERVICE BUILDING
l s, o
2 2
1 1
2.
3.
1*
* The part of building could be two or three depending on radioactive release potential
4.
SPENT FUEL BUILDING, SPENT FUEL BAY, SPENT FUEL TRANSFER DUCT BUILDINGS/HOUSINGS FOR STORAGE TANKS Heavy water storage tank Downgraded heavy water storage tank HEAVY WATER EVAPORATION AND CLEANUP BUILDING CONTROL BUILDING DIESEL GENERATOR BUILDING STACK STACK MONITORING ROOM
5.
5.1 5.2
n n
3 3
2 2
6.
7. 8.
o i
3 3
1 1
9. 10.
l l
3 3
1 1
27
TABLE-1: CIVILENGINEERING STRUCTURES (contd.)

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS 11. HEAVY WATER UPGRADING PLANT 11.1 Distillation tower along with supporting structure Building Dyke TURBINE BUILDING PUMP HOUSES Safety related Fire water Others (CCW, raw water, etc.) EMERGENCY WATER STORAGE FACILITY FOR LONG TERM COOLING IDCT (INDUCED DRAFT COOLING TOWER) NDCT(NATURAL DRAFT COOLING TOWER) INTAKE STRUCTURE CW DISCHARGE TUNNEL AND OUTFALL STRUCTURE SAFETY RELATED TUNNELS/ TRENCHES NON SAFETY RELATED TUNNELS/ TRENCHES h w 3 3 NINS 1 1 3 4 2 SEISMIC CATEGORY
11.2 11.3 12. 13. 13.1 13.2 13.3
4 4 NINS
2 2 3
14.
15.
16.
NINS
17. 18.
NINS NINS
3 3
19.
20.
NINS
28
TABLE-1: CIVILENGINEERING STRUCTURES (contd.)

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS 21. WALKWAYS/ PLATFORMS 21.1 Interconnecting safety related building Other walkways SWITCHYARD BUILDING WASTE MANAGEMENT BUILDING Hot cell Dyke area Process building Utility block n 3 4 4 NINS 2 2 2 3 3 1 SEISMIC CATEGORY
21.2 22. 23.
NINS NINS
3 3
23.1 23.2 23.3 23.4
29
TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS 1. FUEL AND CORE COMPONENTS 1.1 1.2 Fuel Calandria including nozzle attachments, tube sheets and diaphragm plates Calandria tubes and garter springs j h,s 1 3 1 1 SEISMIC CATEGORY
See note-1 Shall also meet the support requirement of NF-class1 Shall also meet support requirement of NF-class1 Shall also meet support requirement of NF-class 1
1.3
h,s
1.4
End shield
1.5
Coolant channel assembly (under loads due to fuel and coolant) Bellow for annulus space between calandria and pressure tubes REACTOR SHUTDOWN SYSTEM AND REACTOR REGULATING SYSTEM Main components of reactor shutdown system Principal components of reactor regulating system PRIMARY HEAT TRANSPORT SYSTEM PHT main circuit including reactor coolant system piping (headers, feeders, main circuit piping and valves including associated system piping upto and including first isolation valve penetrating the containment, primary side of the steam generator), pressure and relief system upto bleed condenser level control valves and relief valves
1.6
2.
2.1
c&d
See note 2
2.2
See note 3
3.
3.1
30
TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS 3.2 Primary coolant pumps (PCP), k 1 pressure retaining components 3.3 Instrument supply line from PHT main circuit upto the first isolation valve PHT purification system PHT sampling system PHT inventory control beyond first isolation valve D2O (PHT) leakage collection system PHT service circuit (includes system required for PHT header level control and boiler filling and draining) PCP gland supply system k 2 SEISMIC CATEGORY 1
Refer para 5.2.1(i)
3.4 3.5 3.6
o o e
3 3 3
2 2 2 See note 4
3.7
3.8
e,n
3.9
Portion of the system from the pump upto and including first isolation valve has safety function k and is safety class 1 and seismic category 1. But this portion would be safety class 2 and seismic category 1, provided the size is within the capacity of inventory control system D2O system upto and including first isolation valve, forming part of primary pressure boundary has safety function k, and is safety class 1. It would be safety class 2 and seismic category 1, provided the size is within the capacity of inventory control system
3.10
F/M supply and return circuit
e,q
31

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 3.11 Shutdown cooling system g 2 3.12 PHT deuteration and de-deuteration n 4 SEISMIC CLASS 1 2 CATEGORY
This will be upgraded to safety class 3, if its failure results in exposure above the prescribed limits
4.
EMERGENCY CORE COOLING SYSTEM Emergency core cooling system MODERATOR SYSTEMS Moderator circulating system Moderator cover gas system Moderator purification system Moderator poison addition system h,o o o a,b 3 3 3 3 1 2 2 1 If this system is not required for maintaining the reactor in safe shutdown condition, it shall be classified under safety function a, safety class 3 and seismic category 2 f 2 1
4.1 5. 5.1 5.2 5.3 5.4
5.5 5.6
Adjuster rod cooling circuit D2O addition and transfer system D2O leakage collection system Vault leakage collection system D2O sampling system Moderator deuteration and de-deuteration system REACTOR AUXILIARY SYSTEM End shield cooling system
h i,n
3 3
2 2
5.7 5.8 5.9 5.10
n n n n
3 3 3 4
2 2 2 2
6.
6.1
32

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 6.2 Calandria vault cooling system h 3 6.3 Suppression pool water re-circulation system (for chemical control) Annulus gas monitoring system a. Portion inside RB b. Outside RB 6.5 Spent fuel storage bay cooling system STEAM AND FEED WATER SYSTEM Secondary side of steam generator, including steam lines upto and including main steam isolation valve (MSIV) and feedwater line upto and including first isolation valve Remaining secondary circuit beyond MSIV Auxiliary feed water system D2O UPGRADING AND CLEANUP D2O cleanup D2O upgrading plant Downgraded D2O handling and storage Auxiliary boiler for upgrading COMMON SERVICES Fresh (raw) water systems Chlorination system Condenser circulating water NINS NINS NINS 3 3 3 n n n 4 4 4 2 2 2 g,h 2 1 NINS SEISMIC CLASS 1 3 CATEGORY
6.4
i i q
3 4 3
l 3 1
7.
7.1
7.2
NINS
7.3 8.
g,h
8.1 8.2 8.3
8.4 9. 9.1 9.2 9.3
NINS
33

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 9.4 Process water system catering h 3 to safety related system/equipment (classes 1, 2, 3 & 4) 9.5 Process water system catering to non-safety related systems/ equipment Domestic water system Demineralised water/makeup water system Service water/process water cooling system, catering to safety related process water system Service water system catering to non-safety related system Chilled water system VENTILATION SYSTEM Turbine building air conditioning and ventilation Service building ventilation for general areas Primary containment ventilation a. Ducting inside RB o 4 3 Check against collapse under seismic category 1, if located near safety related equipment - Do - Do NINS 3 NINS SEISMIC CLASS 1 CATEGORY
9.6 9.7
NINS NINS
3 3
9.8
9.9
NINS
9.10 10. 10.1
NINS
10.2
NINS
10.3
b. Ducting outside RB, fans, filters, cooling coil c. Interface (TCW-OCW), isolation and ducting, V1/V2 isolation dampers 10.4 Secondary containment ventilation system
o o
4 2
1 3
34

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION a. Ducting inside RB o 4 collapse category 1, if located near safety related equipment b. Ducting outside RB, fans, filters,cooling coil 10.5 Reactor auxiliary building ventilation Station auxiliary building and control building ventilation systems o 4 2 - Do SR. SEISMIC CLASS 3 CATEGORY Check against under seismic
10.6
For ventilation of class EA equipment and control room, design shall be of seismic category 1 and safety class 3
10.7
Station auxiliary building air conditioning system FIRE FIGHTING SYSTEM Fire water supply to safety related areas Fire water supply to other areas Gaseous fire extinguishing system
NINS
11. 11.1
11.2 11.3
NINS 4
3 3 System that protects safety related equipment should be designed for seismic category-1
12.
COMPRESSED AIR SUPPLY SYSTEM Compressed air supply to safety related systems Compress air supply to non-safety related systems CONTAINMENT SYSTEMS i 3 1
12.1
12.2
NINS
13.
35

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 13.1 Primary containment, seconl 2 dary containment air locks and containment isolation systems and portion of piping/ducting of various systems passing through V1/V2 area and ICW/OCW, including the isolation devices 13.2 13.3 Suppression pool system Reactor building emergency coolers and associated ducting Primary containment cleanup system Primary containment controlled discharge system Secondary containment cleanup and purge system Reactor building cooling system for normal operation WASTE MANAGEMENT Waste management system FUEL HANDLING SYSTEM Fuelling machines (x,y,z drive system) F/M head and F/M D2O system (high pressure) upto first isolation valve Fuelling machine carriage, bridge and column Bridge power packs and roll-on shields Spent fuel transfer D2O/ H2O system i 3 1 n 4 3 See note 6 l l 2 2 SEISMIC CLASS 1 CATEGORY
1 1 See note 5
13.4
See note 5
13.5
See note 5
13.6
See note 5
13.7
NINS
14. 14.1 15.
15.1
15.2
15.3
15.4
15.5
36

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 15.6 16. 16.1 Spent fuel dry transfer system DG FUEL OIL SYSTEM DG fuel oil system (storage tanks, day tanks, transfer pumps, piping, valves for emergency diesel generator) i 3 1 p 2 SEISMIC CLASS 2 CATEGORY
Note-1:
For fuel bundle, due to its collapsible cladding design, and use of special materials (UO2 and Zircaloy), conventional codes like ASME are not applicable. The design requirements for fuel are identified in AERB safety guide on Fuel Design for Pressurised Heavy Water Reactors (AERB/SG/D-6) and in NPCIL specification evolved through design in Pressurised Heavy Water Reactors, development and operating experience.
Note-2: Examples of principal components of reactor shutdown system are: In 220 MWe a. b. c. primary shutdown system secondary shutdown system ALPAS a. b. c. d. In 500 MWe shutdown system 1 shutdown system 2 standpipe assembly and drive mechanisms of SDS1 which have a safety function s and safety class 3 Thimble assembly, helium circuit and auxiliary circuit of SDS2, which have a safety function and safety class 3.
Note-3:
Examples of reactor regulating system are: In 220 MWe a. b. c. d. e. f. adjuster rods shim rods control rods absorber rods regulating rods liquid poison injecting system a. b. c. d. In 500 MWe liquid zone control units adjuster and mechanism control and mechanism liquid zone control system delay tank
Note-4:
System covered under PHT inventory control includes feed, bleed system, D2O storage tank and associated circuit. These systems support the containment function in mitigating the consequences of an accident. These systems can be designed for safety class 3, if failure of the system under accident conditions would not lead to release of radioactivity to the environment beyond acceptable limits for accident conditions. Any component of this system shall be re-assigned to safety class 3, if it contains significant quantities of radioactive materials.
Note-5:
Note-6:
37
TABLE-3: ELECTRICALSYSTEM/COMPONENTS
SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 1. PROTECTION AND REGULATING SYSTEM 1.1 1.2 Regulating system motors Shut down system EB 1 EB SEISMIC CLASS CATEGORY
1.2.1 Motors for primary shutdown system (SDS1) 1.2.2 Fast acting valve actuators for secondary shutdown system (SDS2) 2. PRIMARY HEAT TRANSPORT SYSTEM PHT system isolation valve actuator PHT circulating pump motors
c, d
EA
2.1
EA
2.2
EB
Motor supports, motor shafts and bearings shall be designed to meet seismic category 1
2.3
Shutdown cooling system g g, i EA EA 1 1
2.3.1 Pump motors 2.3.2 2.4 Valve actuator Pressure and inventory control (feed and bleed)
2.4.1 Pressurising pump motors 2.4.2 Isolating valve actuator with motors 2.4.3 Pressuriser heater excluding pressure boundary part 3. EMERGENCY CORE COOLING SYSTEM Pump motors Valve actuators
e e
EA EA
1 1
EB
Electrical part of the heater is class EB
3.1 3.2
f f
EA EA
1 1
38
TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 4. FUEL HANDLING SYSTEM 4.1 F/M supply pump motors q EB SEISMIC CLASS CATEGORY
If pump motor is required for reactor coolant inventory control or for pressure control, safety class shall be EA and safety function shall be e
5.
PHT D2O LEAKAGE COLLECTION SYSTEM
5.1
Valve actuators
EB
Failure of the valve actuators or motor results in release or discharge of radioactivity out of the system, then seismic category 1 applies - Do -
Pump motors 6. 6.1 D2O SAMPLING SYSTEM D2O sampling system (PHT) valve actuators with motors D2O sampling system (moderator) valve actuators with motors MAIN MODERATOR SYSTEM AND MODERATOR AUXILIARY SYSTEMS Main moderator circulating system a. Valve actuators with motor b. Pump motors
EB
EB
6.2
EB
7.
7.1
h -
EA EB
1 1
7.2
Moderator cover gas system blower motors
EB
39

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION 7.3 Moderator purification system motors Moderator poison addition system pump motors D2O addition and transfer system motors D2O collection system motors F/M vault leakage collection system motors Heavy water upgrading plant a. Motors b. Electrical power supply systems for upgrading plant 7.9 7.10 D2O clean up system motors Down graded D2O handling and storage motors Auxiliary boilers for UGP motors SECONDARY SIDE OF STEAM GENERATORS MSIVs actuators Actuators for valves beyond MSIVs Blowdown valve actuators inside RB Containment isolation valve actuator on main feedwater line Main boiler feed pump motor AUXILIARY FEED WATER SUPPLY Valve actuators g,h EA 1 l EA NINS 1 3 NINS NINS 3 3 EB SEISMIC CLASS 2 CATEGORY
7.4
EB
7.5
EB
7.6 7.7
EB EB
3 3
7.8
NINS NINS
3 3
7.11
NINS
8.
8.1 8.2
8.3
EA
8.4
EA
8.5 9. 9.1
NINS
40

SR. STRUCTURES/SYSTEMS/ REMARKS No . COMPONENTS 9.2 Pump motors 10. COMMON SERVICES, DE-MINERALISED MAKE-UP WATER SYSTEM Pump motors Valve actuators CHILLED WATER SYSTEM (CLASS IV) Pump motors Valve actuators CHILLED WATER SYSTEM (CLASS III) Pump motors NINS 3 Safety class shall be EA and seismic category shall be 1, if the motor and valve actuators are essential for cooling safety related electrical equipment, such as UPS NINS NINS 3 3 NINS NINS 3 3 SAFETY SAFETY CLASS 1 SEISMIC CATEGORY
FUNCTION g,h EA
10.1 10.2 11.
11.1 11.2 12.
12.1
12.2 13.
Valve actuators COMPRESSED AIR SYSTEM Compressor motors connected to class III electric power supply Valve actuators connected with class III compressors and air receivers Compressors motors connected with class IV electric power supply Valve actuators connected with class IV compressors and air receivers
NINS
13.1
i i
EA EA
1 1
13.2
13.3
NINS
13.4
NINS
41

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. COMPONENTS FUNCTION CLASS 14. 15. RAW WATER SYSTEM CHLORINATION SYSTEM REACTOR AUXILIARIES SYSTEM End shield cooling system pump motors Calandria vault cooling pump motors Suppression pool recirculation pump motors Spent fuel storage bay cooling pump motors Spent fuel storage bay purification system pump motors ANNULUS GAS MONITORING SYSTEM Compressor motor D2O VAPOUR RECOVERY SYSTEM Fan motors Condensate collection pump motors Actuators for containment isolation valves Actuators for valves not required for containment isolation Electric heater NINS 3 NINS 3 NINS 3 SR. SEISMIC CATEGORY
NINS
16.
16.1
EA
16.2
EB
16.3
NINS
16.4
EB
16.5
NINS
17.
17.1 18.
18.1 18.2
18.3
EA
18.4
NINS NINS
2 3
18.5
42

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. COMPONENTS FUNCTION CLASS 19. PROCESS WATER SUPPLY SYSTEM 19.1 Active process water system valve actuators and pump motors Active drainage system pump motors Service water system pump motors (service water system meant for cooling active process water) Non-active process water pump motors a. For safety related application b. For non-safety related application 19.5 Auxiliary service water pump motor RB cooling system AHU fan motors in V2 area VENTILATION SYSTEM Primary containment a. Exhaust fan motors b. RB cooling system AHU fan motors in V2 area c. RB cooling system AHU fan motors in V1 area d. Clean up system fan motors e. Controlled discharge system fan motors 20.2 Secondary containment a. Ventilation system fan motors NINS 3 NINS 2 h EA MINS 1 3 n EA 1 SR. SEISMIC CATEGORY
19.2
NINS
19.3
EA
19.4
NINS
19.6
NINS
20. 20.1
NINS
l l
EA EA
1 1
EA
43

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS b. Clean up and purge system l EA fan motors 20.3 RAB ventilation system fan motors Service building ventilation fan motors Turbine building ventilation fan motors Station auxiliary building and control building ventilation fan motors a. Areas housing safety related equipment b. Main control room survival ventilation c. Other remaining areas 21. CONDENSER CIRCULATING WATER (CCW) SYSTEM Electrical system FIRE FIGHTING SYSTEM FOR SAFETY RELATED EQUIPMENT Fire water pump motors Valve actuators WASTE MANAGEMENT SYSTEM Electrical system ELECTRIC POWER SUPPLY SYSTEM Main power output system, and turbo-generator including switchyard NINS 3 NINS 3 h h EA EA 1 1 NINS 3 1 EA 1 NINS SEISMIC CATEGORY 1
20.4
NINS
20.5
NINS
20.6
EA
NINS
21.1 22.
22.1 22.2 23.
23.1 24. 24.1
44

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . COMPONENTS FUNCTION CLASS equipment, isolated phase bus ducts, generator transformer and turbo-generator 24.2 Class IV power supply system, including switchgear, MCCs, cabling systems, startup and unit auxiliary transformers Class III, II, I power supply system, including class-III DG sets, switchgears, MCCs, safety related cabling system, safety related power sources and associated system NINS 3 SEISMIC CATEGORY
24.3
EA
45
TABLE-4: INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS

STRUCTURES/SYSTEMS/ REMARKS No. COMPONENTS 1. REACTOR PROTECTION & REGULATION 1.1 a. PSS/SDS#1 & SSS/SDS#2, LPIS trip parameters, sensors, processors, actuation logic and associated softwares b. Start up instrumentation* SR. SAFETY FUNCTION SAFETY CLASS SEISMIC CATEGORY
c,d &b
IA
Includes display/alarm of parameters which assists in manual trip action * Since it is used for first start up and start up after long shutdown, the testing requirement may be as per technical specification instead of requirement of IA. Also it is used in manual mode with procedural checks on each step Used only for system health monitoring
IA
Non-seismic
1.2
PSS/SDS#1 & SSS/SDS#2 status monitoring, trip parameters display monitoring I&C for shut-off rods (PSS/SDS#1) For clutch control For drive motor control
IB
Non-seismic
1.3
c&d -
IA IB
1 Non-seismic For drive motors refer electrical table 3, item 1.2.1 Excluding helium supply circuit, auxiliary circuit and conductivity instrumentation which are all NINS/nonseismic Excluding helium supply circuit and auxiliary circuit, which are all NINS/non-seismic
1.4
SSS/SDS#2 process control
c&d
IA
1.5
LPIS process control
IA
1.6
I&C for shim rods /control rods For clutch control * a&b IB Non-seismic *If it is accounted for maintaining subcriticality, it should be classified as safety class IA and seismic catagory 1
46
TABLE-4: INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS (contd.)

SR. STRUCTURES/SYSTEMS/ REMARKS No . COMPONENTS For drive motor control SAFETY SAFETY SEISMIC CLASS CATEGORY Non-seismic For drive motor refer electrical table-3, item 1.13 Non-seismic* * Non-Seismic, if it is demonstrated that loss of regulation does not lead tounacceptable fuel damage or impairment of PHT boundary, otherwise Siesmic category I. For drive motor refer electrical table-3, item 1.1. Non-seismic* *Loss of flux tilt control results in slow transients. Non-seismic* *Failure of poison control does not cause loss of regulation accident. Non-seismic* *Used only for calibration function and hence considered non seismic Non-seismic*
FUNCTION IB -
1.7
I&C for RRS(regulating rods and adjuster rods, liquid zone control)
IB
1.8a
Flux tilt control
IB*
1.8b
Poison control (ALPAS)
IB*
1.8c
Flux mapping
IB*
1.8d
Set back and step back
IB
2.
PRIMARY HEAT TRANSPORT PHT pressure a. Protective system i. High pressure trips and IRV actuation k IA 1 Also refer 1.1a above for associated equipment
2.1
ii. Low pressure trip b. PHT pressure control
j v
IA IB
1 Non- seismic
47

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No . c. PHT pressure and feed, COMPONENTS FUNCTION IC CLASS Non-seismic bleed and reflux flow monitoring d. Feed, bleed isolation valve k IA Non-seismic SEISMIC CATEGORY
In 500 MWe reactor design, these valves are required to isolate the affected loop in case of LOCA
2.2
Bleed condenser and bleed cooler instrumentation Primary circulating pumps a. Reactor trip logic
k,v
IB
2.3
IA*
1*
* Excluding circuitry associated with class IV switchgear which is NINS
b. Rest of I&C such as bearing temperature, vibration, oil supply flow, etc. 2.4 Gland seal circuit a. Gland return valve closure b. Rest of I&C 2.5 PHT purification a. For isolating valves for closure on RB penetration b. Rest of I&C 2.6 Storage circuit a. Reactor trip on low level, if provided b. Storage tank level measurement c. Small leak handling system d. Cover gas pressure control
NINS
Non-seismic
j,k -
IB NINS
1 Non-seismic
IA
NINS
Non-seismic
IA
IB
Non-seismic
e -
IB NINS
Non-seismic Non-seismic
48

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No COMPONENTS FUNCTION CLASS 2.7 . Pressuriser circuit a. Level protection circuit and isolation valve closure (pressuriser and loop isolating valves) b. Rest of I&C like heater control, level control 2.8 Fuelling machine supply and return circuit a. For keeping PHT solid and supply to FM as PHT system pressure boundary and for fuel cooling j,k IB 1* *When FM having hot fuel cooling bundles and in unclamped condition, seismic category 2 may be adopted e,k IA 1 SR. SEISMIC CATEGORY
v,e
IB
Non-seismic
b. Rest of I&C 2.9 Shut down cooling system a. For maintaining flows on both D2O & H2O sides of heat exchanger for core cooling during shutdown.
NINS
Non-seismic
g,h
IA*
*Instrumentation of individual loop is presently designed as per IB. The reliability requirement of IA is met with two independent process loops having independent instrumentation
b. Rest of I&C 2.10 Leakage collection and service circuit a. Level of leakage collection tank and C&I of associated pumping back circuit 2.11 F/M vault D2O leakage collection system
NINS
Non- seismic
IC
j,e,u
IB*
*The operator action is necessary to actuate the recirculation phase of small leak handling system
49

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS 2.12 Deutration and dedeutration FUNCTION CLASS No. COMPONENTS system NINS Non-seismic 2.13 D2O addition and transfer system a. For remote operated isolating valves on RB penetration, if provided b. Rest of I&C 3. COOLANT FLOW AND TEMPERATURE MONITORING Channel flow monitoring a. Associated with low flow trip b. Remaining loop j IA 1 l IA 1 SR. SEISMIC CATEGORY
NINS
Non-seismic
3.1
NINS*
Non-seismic
*IB if used in reactor regulating system
3.2
Channel temperature monitoring Selected channel delta T monitoring
IB
Non-seismic
3.3
NINS*
Non-seismic
*IB if used for reactor regulating system.
4. 4.1
MODERATOR Moderator main circulation a. Calandria high level trip b. Calndria low level trip/box up j s IA IB* 1 2 *This is provided for protection of reactor components *Used for reactor set back
c. Calandria outlet temperature high d. Rest of I&C 4.2 Moderator purification
IB*
Non-seismic
IC
Non-seismic
50

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. a. For isolation valves on COMPONENTS FUNCTION IA CLASS l reactor building penetration and near tapping point from main system b. Rest of I&C 4.3 Cover gas syatem a. I&C related to ensuring recombination b. Rest of I&C 4.4 Adjuster rod cooling circuit a. For low flow trip s IB* Non-seismic *Used for protection of reactor component s IC Non-seismic NINS SR. SEISMIC 1 CATEGORY
Non-seismic
NINS
Non-seismic
b. Rest of I&C 4.5 Deutration and dedeutration system Manual poison addition system D2O addition and transfer system a. Remote operated isolation valves on RB penetration, if provided b. Rest of I&C 4.8 4.9 4.10 5. 5.1 D2O sampling system Vacuum mopping system Down graded D2O storage FUEL Fuel failure monitoring
NINS NINS
4.6 4.7
IC
Non-seismic
IA
NINS NINS NINS NINS
Non-seismic Non-seismic Non-seismic Non-seismic
IB
Non-seismic
51

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS 6. No. REACTOR AUXILIARIES FUNCTION COMPONENTS 6.1 End shield cooling system a. For maintaining flows and expansion tank level b. Rest of I&C 6.2 Calandria vault cooling system a. For maintaining flows and expansion tank level b. Rest of I&C 6.3 Pressure supression pool system a. Containment isolation on filling/draining/recirculaton, as applicable b. Level monitoring 6.4 Spent fuel storage bay (SFSB) cooling system a. Cooling circuit b. Level monitoring for SFSB c. Rest of I&C 6.5 Annulus gas monitoring system a. Isolation valves on RB penetration b. Rest of I&C 6.6 D2O vapour recovery system a. Isolation dampers on RB penetration b. Rest of I&C 6.7 D2O clean up and upgrading plant l,m IA 1 q n IB IC NINS Non-seismic Non-seismic Non-seismic l IB 1 s IB 2 Refer item 4.1.b above SR. SEISMIC CLASS CATEGORY
NINS
Non-seismic
s,v -
IB NINS
u, l
IC
Non-seismic
l c
IB IB
1 Non-seismic
IC NINS
52

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. STEAM AND FEED COMPONENTS FUNCTION CLASS 7. WATER SYSTEM 7.1 SG level control a. Protective function b. Control function c. Rest of I&C 7.2 SG pressure control a. ASDV control b. Rest of I&C 7.3 7.4 7.5 MSIV control Crash cool down SG blow down a. For isolation valve on RB penetration b. Rest of I&C 7.6 Feed water system a. Main feed water b. Aux. Feed water control c. I&C associated with reactor trip/set back/step back, if any d. Rest of I&C 7.8 7.9 8. 8.1 Condenser air evacuation TG & auxilaries COMMON SERVICES Process water system and process water cooling system/ service water v g g IC IB IB Non-seismic 1 Non-seismic Associated with deaerator level l IB 1 g v l g IB IB IB IA Non-seismic 1 1 g v IA IB NINS 1 Non-seismic Non-seismic SR. SEISMIC CATEGORY
NINS
Non-seismic
NINS NINS NINS
Non-seismic Non-seismic Non-seismic
53

SR. STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS a. Catering to safety related FUNCTION CLASS No . COMPONENTS system/equipment i. For maintaining circulation ii. Rest of I&C b. Catering to non safety system 8.2 Chilled water system a. Catering to safety related system/equipment i. For maintaining circulation ii. Rest of I&C b. Catering to non safety system 8.3 Active drainage system a. For isolation valves on RB penetration and V1/V2 penetration b. Rest of I&C 8.4 Fire water system a. Fire water supply to safety related areas for fire fighting or for emergency cooling b. Fire water supply to other areas 8.5 8.6 8.7 8.8 TG and auxiliaries CCW system DM water system Domestic water system w,h IB 1 l IA 1 h IB 1 h IB 1 SEISMIC CATEGORY
NINS NINS
NINS NINS
NINS
Non-seismic
IC*
Non-seismic
* For industrial safety
NINS NINS NINS NINS
Non-seismic Non-seismic Non-seismic Non-seismic
54

SR. STRUCTURES/SYSTEMS/ REMARKS No . COMPONENTS 8.9 Chlorination system 9. EMERGENCY CORE COOLING SYSTEM a. C&I for emergency injection upto recirculation f, t IA 1 This includes the corresponding instrumentation to sense the LOCA condition and provide information for operator action in case of blind LOCA SAFETY SAFETY CLASS Non- seismic SEISMIC CATEGORY
FUNCTION NINS -
9.1
b. Poised status monitoring of ECCS c. Rest of I&C 10. 10.1 VENTILATION RB (primary and secondary containment) ventilation system a. Containment isolation b. V1/V2 isolation
IB
Non-seismic
NINS
Non-seismic
l l,s
IA IB
1 1 Single failure criteria has to be met
c. Rest of I&C 10.2 F/M vault, pump room and SG room coolers (V1 areas) RB cooling (V2 areas) PC clean up
l,o
NINS IB
Non-seismic 1 Single failure criteria has to be met
10.3 10.4
NINS IB
Non-seismic 1 Single failure criteria has to be met
10.5
SC recirculation and purge and PCCD a. Isolation dampers * l IA 1 *Applicable, if the dampers are manually open
b. Rest of I&C
IB
55

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. COMPONENTS FUNCTION CLASS 10.6 SB/RAB, etc., ventilation a. Containment exhaust b. Clean air 10.7 MCR ventilation a. Survival b. MCR & SCR normal 11. CONTROL CENTRE EQUIPMENT Main control room panels, supplementary control room panels, control equipment panels and relay logic panels * 1* * The instrumentation items on the panels are classified as per the respective systems * Seismic category 1 for panels is applied only for structural integrity 11.2 Distributed control system/ plant PLC v IB Non-seismic* * 1 for individual system portion, if required Non-seismic * Redundant operator information should be provided consistent with related safety category where operator action is required to ensure NPP safety. In case system is used for surveillance of safety system, it should be classified as IC o IC NINS 1 Non-seismic o IC NINS Non-seismic Non-seismic SR. SEISMIC CATEGORY
11.1
11.3
Process information system, computerised operator information system, digital recording
NINS*
11.4 11.5
Window annunciation Central clock system
w,v -
IB NINS
1 Non-seismic
56

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS No. COMPONENTS FUNCTION CLASS 12. STATION CONTROL POWER SUPPLIES 12.1 Control power supply (normal and supplementary) i,v IA* 1* SR. SEISMIC CATEGORY
*Where separate power supply is used it should be consistent with system classification
12.2
I&C for control power supply ground fault detection AIR LOCKS For containment related action For normal operation COMPRESSED AIR Instrument air supply to safety/ safety related system Instrument supply to non safety related system Mask air Service air FUEL HANDLING CONTROLS Fuelling machine clamping control and leak detection Safety interlocking system Position monitoring systems Dry transfer control Sequenctial operational logic CCTV Rest of I&C
IC
Non-seismic
13 13.1 13.2 14 14.1
l o
IA IB
1 Non-seismic
IB
14.2
NINS
Non-seismic
14.3 14.4 15.
NINS NINS
15.1
IA
15.2 15.3 15.4 15.5 15.6 15.7
s, v v p v -
IB IC IB IC NINS NINS
2 Non-seismic 2 Non-seismic Non-seismic Non-seismic
57

STRUCTURES/SYSTEMS/ SAFETY SAFETY REMARKS 16 No. HEAVY WATER LEAK COMPONENTS FUNCTION CLASS DETECTION 16.1 Beetles, D2O to H2O leak detection (gamma, infrared/ tritium monitor, tririum in air monitoring) COMMUNICATION PA system, intercom Wireless, P&T FIRE ALARM Fire alarm system MISCELLANEOUS Radiation monitoring system a. RB containment isolation (high activity logic) b. Rest of I&C including RADAS 19.2 Seismic instrumentation l IA 1 w IC Non-seismic IC NINS Non-seismic Non-seismic u IC Non-seismic SR. SEISMIC CATEGORY
17 17.1 17.2 18. 18.1 19. 19.1
u, o
IC
Non-seismic
IC*
* Not used for reactor trip
19.3
Meteorological equipment a. Only wind direction and speed for post accident monitoring b. Rest of I&C l IC Non-seismic
NINS NINS IB IC
Non-seismic Non-seismic 1 Non-seismic
19.4 19.5 19.6
RB proof and RB leak test DG fuel oil system Waste management system
58
ANNEXURE-I
TYPICAL LIST OF STANDARDS FOR CIVIL ENGINEERING STRUCTURES SL. No. 1 2. 3. DESCRIPTION Design Class DC-1 Design Class DC-2 Design Class DC-3 STANDARD * AERB/SS/CSE-3 ** Concrete Structures: AERB/SS/CSE-1 Steel Structures: AERB/SS/CSE-2 Embedded Parts: AERB/SS/CSE-4**
This class includes pressurised concrete reactor vessels which are not used in PHWRs. Under preparation.
**
59
ANNEXURE-II
TYPICAL LIST OF CODES FOR MECHANICAL STRUCTURES, SYSTEMS AND COMPONENTS SL. NO. 1 2. 3. 4. DESCRIPTION Safety Class-1 Safety Class-2 Safety Class-3 Safety Class 1,2,3 (Equipment, valves, piping) supports Containment sealing bellows, embedded parts Safety Class-4 (Safety Pressure vessels) Safety Class-4 (piping) CODE ASME Section III NB ASME Section III NC ASME Section III ND ASME Section III NF
5.
ASME Section III NE
6.
ASME Section VIII, DIV.-1
7.
B 31.1
60
ANNEXURE-III
TYPICAL LIST OF CODES AND STANDARDS FOR ELECTRICAL SYSTEMS/COMPONENTS
1.
AERB Safety guide on Emergency Electric Power Supply Systems for Pressurised Heavy Water Reactors, AERB/SG/D-11 (2002). Applicable standards published by Bureau of Indian Standards. Indian Electricity Rules. IEEE-344 : IEEE-Recommended practice for Seismic Qualification of class1E equipment for Nuclear Power Generating Station.
2. 3. 4.
61
ANNEXURE-IV
TYPICAL LIST OF STANDARDS FOR I&C SYSTEMS/COMPONENTS Sr. No. 1. 2. Standard/Guide AERB/SG/D-10 AERB/SG/D-20 Number Title AERB Safety Guide on Safety Critical Systems AERB Safety Guide on Safety-Related Instrumentation and Control for Pressurised Heavy Water Reactor Based Nuclear Power Plants AERB Safety Guide on Computer-based Systems Degrees of Protection Provided by Enclosure for Low Voltage Switchgear and Control Gear. Basic Environmental Testing Procedures for Electronic and Electrical Items ASME Performance Test Code - Pressure Measurement ASME Performance Test Code - Temperature Measurement ASME Performance Test Code - Flow Measurement Nuclear Power Plants - Instrumentation and Control Systems Important to Safety Classification Standard for Qualifying Class 1E Equipment for Nuclear Power Generating Station. IEEE Recommended Practice for Seismic Qualification of Class 1E Equipment of Nuclear Power Generating Station Criterion for Independence of Class 1E Equipment and Circuits. IEEE Standard for the Design and Qualification of Class 1E Control Boards, Panels and Racks Used in Nuclear Power Generating Stations. IEEE Recommended Practice for the Design of Safety Related DC Auxiliary Power System for Nuclear Power Generating Stations. Instrument Society of America - Recommended Practice for Flange Mounted Sharp Edged Orifice Plate Assemblies for Flow Measurement 62
3. 4. 5. 6. 7. 8. 9.
AERB/SG/D-25 IS 2147/13947 IS 9000 ASME PTC-19.2 ASME PTC-19.3 ASME PTC-19.5 IEC-1226
10. 11.
IEEE-323 IEEE-344
12. 13.
IEEE-384 IEEE-420
14.
IEEE-946
15.
ISA RP 3.2
REFERENCES
1. ATOMIC ENERGY REGULATORY BOARD, Code of Practice on Design for Safety in Pressurised Heavy Water based Nuclear Power Plants, AERB Code No. AERB/SC/D, Mumbai, India (1989). ATOMIC ENERGY REGULATORY BOARD, Code of Practice on Quality Assurance for Safety in Nuclear Power Plants, AERB Code No. AERB/SC/ QA, Mumbai, India (1988). ATOMIC ENERGY REGULATORY BOARD, Code of Practice on Safety in Nuclear Power Plant Siting, AERB Code No. AERB/SC/S, Mumbai, India (1990). INTERNATIONAL ELECTROTECHNICAL COMMISSION, Nuclear Power Plants - Instrumentation and Control Systems Important for SafetyClassification, International Standard IEC-1226 (1993). BUREAU OF INDIAN STANDARDS, Criteria for Earthquake Resistant Design of Structures, BIS Standard IS-1893 (1984). ATOMIC ENERGY REGULATORY BOARD, Civil Engineering Structures Important to Safety of Nuclear Facilities; AERB Safety Standard No. AERB/ SS/CSE, Mumbai, India (1998).
2.
3.
4.
5.
6.
63
BIBLIOGRAPHY
1. INTERNATIONAL ATOMIC ENERGY AGENCY, Safety Functions and Component Classification for BWR, PWR and PTR, IAEA Safety Series No. 50-SG-D1 (1979). INTERNATIONAL ATOMIC ENERGY AGENCY, The Safety of Nuclear Installations, Safety Fundamentals, IAEA Safety Series No. 110 (1993). INTERNATIONAL ATOMIC ENERGY AGENCY, Defence in Depth in Nuclear Safety, A report by the International Nuclear Safety Advisory Group, IAEA Safety Series No. INSAG-10 (1991).
2.
3.
64
LIST OF PARTICIPANTS
WORKING GROUP Dates of meeting : July 27, 1992 July 7, 1993 July 13, 1993 August 2, 1993 September 24, 1993 November 30, 1993 October 31, 1997 November 10, 1997 November 24, 1997 December 5, 1998 January 5, 1998 January 16, 1998 January 27, 1998 August 4, 1998 December 17, 1999 January 5, 2000 March 27, 2000
Members of working group: Shri S.P. Singh (Convenor up to 1997) Shri S.A. Bharadwaj (Chairman) Shri H.S. Kushwaha Shri P.D. Sharma Dr. P.C. Basu Shri M.P. Sharma Shri L.V. Behari Shri M.K. Kannan Shri R.N. Bhawal Shri S.K. Srivastava Shri S.K. Warrier Shri Ravi Prakash Shri D.R. Singh Shri S.A.H. Ashraf (Member-Secretary) : : : : : : : : : : : : : : AERB (Former) NPCIL BARC NPCIL AERB NPCIL NPCIL NPCIL NPCIL NPCIL AERB NPCIL NPCIL AERB
65
ADVISORY COMMITTEE ON CODES, GUIDES AND ASSOCIATED MANUALS FOR SAFETY IN DESIGN OF NUCLEAR POWER PLANTS (ACCGD)
Dates of meeting : January 9, 1999 February 2, 1999 March 18, 1999 April 29, 1999 July 16, 1999 March 7, 2000 October 6, 2000
Members of ACCGD: Shri S.B. Bhoje (Chairman) Shri S. Damodaran Prof. N. Kannan Iyer Shri V.K. Mehra Shri Umesh Chandra Shri Deepak De Shri S. Sankar Shri C.N. Bapat Shri S.A. Bharadwaj Dr. S.K. Gupta Shri K. K. Vaze Shri S.A. Khan (Member-Secretary) : : : : : : : : : : : : IGCAR NPCIL (Former) IIT, Bombay BARC BARC AERB BARC NPCIL NPCIL BARC BARC AERB
66
ADVISORY COMMITTEE ON NUCLEAR SAFETY (ACNS)

Date of meeting Members of ACNS: Shri Ch. Surendar (Chairman) Shri S.K. Sharma (Vice-Chairman) Dr. V. Venkat Raj Shri S.P. Singh Shri R.K. Sinha Shri S.S. Bajaj Shri Ramesh D. Marathe Shri S.K. Agarwal Shri K. Srivasista (Member-Secretary) : : : : : : : : : NPCIL (Former) BARC BARC AERB (Former) BARC NPCIL L&T, Mumbai AERB AERB : November 28, 2001
Date of meeting Members of ACNS: Shri S.K. Mehta (Chairman) Shri Ch. Surendar Shri S.M.C. Pillai Prof. U.N. Gaitonde Shri S.K. Goyal Shri S.K. Sharma Dr. V. Venkat Rai Dr. U.C. Mishra Shri S.P. Singh Shri G.K. De Shri K. Srivasista (Member-Secretary)
February 3, 2001
: : : : : : : : : : :
BARC (Former) NPCIL (Former) Nagarjuna Group, Hyderabad IIT, Bombay BHEL, Hyderabad BARC BARC BARC (Former) AERB (Former) AERB (Former) AERB
67
PROVISIONAL LIST OF SAFETY CODES, GUIDES AND MANUAL ON DESIGN OF PRESSURISED HEAVY WATER REACTORS
Safety Series No. Provisional Title
AERB/SC/D AERB/NPP-PHWR/ SG/D-1 AERB/SG/D-2 AERB/SG/D-3 AERB/SG/D-4 AERB/SG/D-5 AERB/NPP-PHWR/ SG/D-6 AERB/SG/D-7 AERB/NPP-PHWR/ SG/D-8 AERB/SG/D-9 AERB/SG/D-10 AERB/SG/D-11 AERB/SG/D-12 AERB/SG/D-13 AERB/SG/D-14
Code of Practice on Design for Safety in Pressurised Heavy Water Based Nuclear Power Plants Safety Classification and Seismic Categorisation for Structures, Systems and Components of Pressurised Heavy Water Reactors Structural Design of Irradiated Components Protection Against Internally Generated Missiles and Associated Environmental Conditions Fire Protection in Pressurised Heavy Water Reactor Based Nuclear Power Plants Design Basis Events for Pressurised Heavy Water Reactors Fuel Design for Pressurised Heavy Water Reactors Core Reactivity Control in Pressurised Heavy Water Reactors Primary Heat Transport System for Pressurised Heavy Water Reactors Process Design Safety Critical Systems Emergency Electrical Power Supply Systems for Pressurised Heavy Water Reactors Radiation Protection in Design Liquid and Solid Radwaste Management in Pressurised Heavy Water Reactor Based Nuclear Power Plants Control of Air-borne Radioactive Materials in Pressurised Heavy Water Reactors
68
PROVISIONAL LIST OF SAFETY CODES, GUIDES AND MANUAL ON DESIGN OF PRESSURISED HEAVY WATER REACTORS (contd.)
Safety Series No. Provisional Title
AERB/SG/D-15 AERB/SG/D-16 AERB/SG/D-17 AERB/SG/D-18 AERB/NPP-PHWR/ SG/D-19 AERB/NPP-PHWR/ SG/D-20 AERB/SG/D-21 AERB/SG/D-22 AERB/SG/D-23 AERB/SG/D-24 AERB/SG/D-25 AERB/SG/D-26 AERB/SM/D-1
Ultimate Heat Sink and Associated Systems in Pressurised Heavy Water Reactors Materials Selection and Properties Design for In-Service Inspection Loss of Coolant Accident Analysis for Pressurised Heavy Water Reactors Hydrogen Release and Mitigation Measures under Accident Conditions in Pressurised Heavy Water Reactors Safety Related Instrumentation and Control for Pressurised Heavy Water Reactor Based Nuclear Power Plants Containment System Design Vapour Suppression System for Pressurised Heavy Water Reactors Seismic Qualification Design of Fuel Handling and Storage Systems for Pressurised Heavy Water Reactors Computer Based Safety Systems Deterministic Safety Analysis of Nuclear Power Plants Decay Heat Load Calculations
69

Class 1 SG D 01

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

Class 1 SG D 01

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Class 1 SG D 01

Uploaded by

Copyright:

Available Formats

AERB SAFETY GUIDE NO.

(Suhas P. Sukhatme) Chairman, AERB

: CIVIL ENGINEERING STRUCTURES .........

: TYPICAL LIST OF STANDARDS FOR CIVIL ENGINEERING STRUCTURES ................ 59

LIST OF PARTICIPANTS ........ 65 WORKING GROUP ............ 65

2. BASIS OF SAFETY CLASSIFICATION

(f) (g) (h) (i)

(j) (k) (l) (m)

4. METHODOLOGY OF ASSIGNMENT OF SAFETY CLASSES

5. THE SAFETY CLASSES

The mean return period is estimated to be typically, 10000y .

TABLE-1: CIVILENGINEERING STRUCTURES

TABLE-1: CIVILENGINEERING STRUCTURES (contd.)

11.2 11.3 12. 13. 13.1 13.2 13.3

TABLE-1: CIVILENGINEERING STRUCTURES (contd.)

21.2 22. 23.

23.1 23.2 23.3 23.4

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

Refer para 5.2.1(i)

3.4 3.5 3.6

F/M supply and return circuit

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

4.1 5. 5.1 5.2 5.3 5.4

5.7 5.8 5.9 5.10

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

8.1 8.2 8.3

8.4 9. 9.1 9.2 9.3

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

9.10 10. 10.1

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

14. 14.1 15.

TABLE-2: MECHANICAL STRUCTURES, SYSTEMSAND COMPONENTS (contd.)

Shutdown cooling system g g, i EA EA 1 1

Electrical part of the heater is class EB

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

PHT D2O LEAKAGE COLLECTION SYSTEM

Moderator cover gas system blower motors

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

10.1 10.2 11.

11.1 11.2 12.

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

22.1 22.2 23.

23.1 24. 24.1

TABLE-3: ELECTRICAL SYSTEM/COMPONENTS (contd.)

TABLE-4: INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS

SSS/SDS#2 process control

LPIS process control

TABLE-4: INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS (contd.)

Flux tilt control

Poison control (ALPAS)

Set back and step back

ii. Low pressure trip b. PHT pressure control

TABLE-4: INSTRUMENTATION AND CONTROL SYSTEMS/COMPONENTS (contd.)