Beyond Design Basis Accident Analysis
Beyond Design Basis Accident Analysis (BDBAA) is necessary to establish that there are adequate margins to the Design Basis Accident Analysis (DBAA) such that a Structure, System or Component (SSC) does not fail due to a small increase in the severity of a design basis cause, leading to a potentially catastrophic failure i.e. exhibit a cliff-edge effect. Beyond design basis events represent all credible events that are less frequent than considered within the DBAA criteria.
Sensitivity studies should be undertaken to provide confidence there are no cliff-edges which challenge the interpretation and conclusion of the Deterministic Safety Assessment (DSA). If there are cliff-edge effects then measures need to be taken to prevent or mitigate against them through design changes to the plant.
BDBAA is undertaken in order to:
- Provide an understanding of SSC response to faults or hazards beyond the design basis to aid decision-making e.g. As Low As Reasonably Practicable (ALARP) decisions, including the behaviour of barriers to prevent radiological release and shielding. In particular the aim is to establish whether there is a sudden escalation in radiological consequences just beyond the design basis.
- Promote confidence in the robustness of the SSC to naturally occurring and manmade hazards within the design basis by demonstrating the absence of cliff-edge effects for more severe hazards.
- Support the claims on SSC response made in the Probabilistic Safety Assessment (PSA) relating to very infrequent events, particularly with respect to frequency and nature of failures, and their expected radiological consequences.
- Inform associated ALARP assessments of any reasonably practicable changes in design that could improve the beyond design basis response of the SSC, either by removing cliff-edges or increasing the margin of failure.
- Contribute to the formulation of emergency arrangements, which would be invoked for accident conditions both within and outside the design basis.
The scope of the BDBAA for plant performance and each SSC will vary depending on the importance to nuclear safety (SSC safety classification) and the claims made on its withstand against events by Safety Functional Requirements (SFRs) or PSA. The process to derive BDBAA requirements is detailed below:
- Establishment of modes of failure under beyond design basis conditions, extrapolated from SFRs, the fault schedule and/or the Hazard Identification (HAZID) process. Comprehensive assessment is required for failure modes in Class A and Class B SSCs with a view to promoting fault tolerance.
- Margin assessment of naturally occurring and man-made hazards with the aim of demonstrating an absence of cliff edges in SSCs. The assessment includes increasing the magnitude of design basis hazards, and assessing the plant response and SSC withstand. The events to be reviewed should include any hazards screened out from the DBAA in terms of frequency and from SFRs requiring design basis withstand of hazards.
- Analysis of the beyond design basis faults in terms of an accident analysis including an assessment of radiological consequences.
- Verification of design and performance claims made within the PSA. However many claims can be verified from the previous steps.
- Support to the ALARP assessment and design decision making by identifying and assessing any safeguards that may improve response to beyond design basis events.
- Contribution to the formulation of emergency arrangements by providing input to required equipment and countermeasures to limit potential on-site and off-site consequences.
The scope of required BDBAA for modifications to SSCs will vary as a function of their importance to nuclear safety (i.e. the associated safety class) and the claims (if any) made on its withstand against events by the SFRs and in the PSA.