html5-img
1 / 60

Lessons-Learned from Severe Accident in Fukushima Dai-ichi NPP and Ensuring Nuclear Safety

Lec. 6 (Seminar on “Sharing Experience on Nuclear Power for Development” in Vietnam). Lessons-Learned from Severe Accident in Fukushima Dai-ichi NPP and Ensuring Nuclear Safety. Akira Yamaguchi Department of Energy and Environment Osaka University, Osaka, Japan. Contents.

olaf
Télécharger la présentation

Lessons-Learned from Severe Accident in Fukushima Dai-ichi NPP and Ensuring Nuclear Safety

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lec. 6 (Seminar on “Sharing Experience on Nuclear Power for Development” in Vietnam) Lessons-Learned from Severe Accident in Fukushima Dai-ichi NPP and Ensuring Nuclear Safety Akira YamaguchiDepartment of Energy and Environment Osaka University, Osaka, Japan

  2. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  3. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  4. Beginning of Disaster • Earthquake at 14:46, March 11, 2011 • The first tsunami attack at 15:27 • The second at 15:35, which exceeded the site elevation • Diesel generators failed at 15:37-41 • Station Blackout with no power provision nor recovery • Seawater system failed • Loss of Ultimate Heat Sink • DC batteries failed • No plant parameter information visible (pressure, water level, injection rate)

  5. Higashi-Dori1,100MW, 2005 Earthquake Source and NPPs Onagawa#1524MW, 1984 #2825MW, 1995 #3825MW, 2002 Fukushima #1460MW, 1971 Dai-ichi #2784MW, 1974 #3784MW, 1976 #4784MW, 1978 #5784MW, 1978 #6 1,100MW, 1979 M9.0 3/11 14:46 Fukushima #1 1,100MW, 1982 Dai-ni #21,100MW, 1984 #3 1,100MW, 1985 #4 1,100MW, 1987 Tokai Dai-ni1,100MW, 1978

  6. Earthquake(Observed PGA/Design Ss ground motion) S-N E-W U-D Higashidori Onagawa(Units 1-3) Fukushima Dai-ichi (Units 1-6) Fukushima Dai-ni (Units 1-4) Tokai Dai-ni Source: NISA Homepage

  7. Tsunami Flood Height Run-up(South of Unit 1) Flood Level Design Site Elv. Higashidori Onagawa Unit 1-4 Unit 5&6 Fukushima Dai-ni (2.6m以下) Tokai Dai-ni Fukushima Dai-ichi

  8. Summary of Fukushima Dai-ichi Accident • Radiation Exposure of Fukushima Residents (for 4 months after the accident) • 99 out of 25,520 exceed 10mSv (public), maximum 25.1mSv • 48 out of 147 exceed 10mSv (workers in nuclear facilities) • Confusion in evacuation, food and water control • Contamination of land is significant • If emergency preparedness works, they should have been mitigated • Exposure limitation in emergency situation • Intake control of food and drinks • Mitigation measure of significant radioactive release

  9. 15:42, Mar.11 15:57, Mar.11 15:46, Mar.11 15:43, Mar.11

  10. The Tsunami Caused Station Blackout (SBO) and Loss of Ultimate Heat Sink

  11. Crossroad in Fukushima Dai-ichi Accident Vicious Circle • Earthquake - Practically no damage on safety functions • Tsunami - Loss of multi-functions (not only safety but logistics) • Station blackout (SBO) • Loss of ultimate heat sink (LUHS) • Loss of instrumentation and control (I&C) • Loss of communication and information (lighting, computer, mobile phone, paging) • Loss of off-site external assistance • Fear on aftershock and another tsunami • Hydrogen Explosion on Unit 1 at 15:36, March 12 • Loss of accident management • Loss of accessibility • Loss of habitability • Fear on another explosion (units 2 and 3)

  12. Crossroad in Fukushima Dai-ichi Accident Recovery from Disaster • The staff always considered priority; to select the best action on the worst unit • Knowledge-base management • Mobile equipment • Car batteries • Information is helpful for good decision making • Helicopter flight confirmed water in the spent fuel pool on March 16 • External support started (Self-Defense Force, Fire Management Agency, etc.) • Core cooling using fire engines • Spent fuel pool cooling using concrete pump vehicles

  13. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  14. Lessons from Japanese Government Report • The most important basic principle in securing nuclear safety is “defense in depth” • Strengthen preventive measures against a severe accident (8) • Enhancement of response measures against severe accident (7) • Enhancement of nuclear emergency responses (7) • Reinforcement of safety infrastructure (5) • Thoroughly instill a safety culture (1) Report of Japanese Government to the IAEA Ministerial Conference on Nuclear Safety, The Accident at TEPCO's Fukushima Nuclear Power Stations (June 2011)

  15. Recommendations for Enhancing Reactor Safety in the 21st Century • Clarifying the Regulatory Framework (1) • Ensuring Protection (2) • Enhancing Mitigation (5) • Strengthening Emergency Preparedness (3) • Improving the Efficiency of NRC Programs (1) • The Near-Term Task Force Review of Insight from the Fukushima Dai-ichi Accident, JULY 12, 2011

  16. Fukushima NPS Accident • Initiated by a natural disaster • A severe accident with damage to boundaries Multiple reactors units • A mid- to long-term initiative is needed • A long-term evacuation of many residents in vicinity • A major impact on industrial activities • Many aspects different from the accidents in the past

  17. Characterization of the Accident • Emergency response activities in the seriously deteriorated social infrastructure • The occurrence of aftershocks frequently and tsunami alarm • This accident led to a severe accident, shook the trust of the public, and warned those engaged in nuclear energy

  18. Category 1: Strengthen preventive measures against a severe accident • 1. Strengthen measures against earthquakes and tsunamis • 2. Ensure power supplies • 3. Ensure robust cooling functions of reactors and PCVs • 4. Ensure robust cooling functions of spent fuel pools • 5. Thorough accident management (AM) measure • 6. Response to issues concerning the siting with more than one reactor • 7. Consideration of NPS arrangement in basic designs • 8. Ensuring the water tightness of essential equipment facilities

  19. Category 2: Enhancement of response measures against severe accidents • 9. Enhancement of measures to prevent hydrogen explosions • 10. Enhancement of containment venting system • 11. Improvements to the accident response environment • 12. Enhancement of the radiation exposure management system at the time of the accident • 13. Enhancement of training responding to severe accidents • 14. Enhancement of instrumentation to identify the status of the reactors and PCVs • 15. Central control of emergency supplies and equipment and setting up rescue team

  20. Category 3: Enhancement of nuclear emergency responses • 16. Responses to combined emergencies of both large-scale natural disasters and prolonged nuclear accident • 17. Reinforcement of environmental monitoring • 18. Establishment of a clear division of labor between relevant central and local organizations • 19. Enhancement of communication relevant to the accident • 20. Enhancement of responses to assistance from other countries and communication to the international community • 21. Adequate identification and forecasting of the effect of released radioactive materials • 22. Clear definition of widespread evacuation areas and radiological protection guidelines in nuclear emergency

  21. Category 4: Reinforcement of safety infrastructure • 23. Reinforcement of safety regulatory bodies • 24. Establishment and reinforcement of legal structures, criteria and guidelines • 25. Human resources for nuclear safety and nuclear emergency preparedness and responses • 26. Ensuring the independence and diversity of safety systems • 27. Effective use of probabilistic safety assessment (PSA) in risk management

  22. Category 5: Thoroughly instill a safety culture • 28. Thoroughly instill a safety culture • “Nuclear safety culture” is stated as “A safety culture that governs the attitudes and behavior in relation to safety of all organizations and individuals concerned must be integrated in the management system.” (IAEA, Fundamental Safety Principles, SF-1, 3.13) • Licensees have prime responsibility for securing safety • Review every knowledge and finding, and confirm whether or not they indicate a vulnerability of a plant • Take appropriate measures for improving safety, when they consider uncertainties exist in terms of risks concerning the public safety • Japan will establish safety by: • Looking at the basis, namely defense-in-depth • Constantly learning professional knowledge on safety • Maintaining an attitude to identify weaknesses and vulnerability

  23. Lessons from Nuclear and Industrial Safety Agency (NISA) Report • Accident sequences have been investigated • Accident prevention strategies have been identified • Emergency countermeasures has been selected • To control the accident within design basis • To prevent the beyond design basis event progress to SA • To mitigate the SA consequence so that source term emission is limited • Japanese Regulatory Authority Requires 30 Provisions • Baseline for ensuring safety for Fukushima scenario but more general • Station Blackout (SBO) and Loss of Ultimate Heat Sink (LUHS) scenarios are protected Technical Knowledge of the Accident at Fukushima Dai-ichi Nuclear Power Station of Tokyo Electric Power Co. Inc., Nuclear and Industrial Safety Agency, March 2012

  24. Technical Knowledge and 30 Provisions • External Power (Offsite) Supply (4) • On-site power Supply (7) • Core Cooling / Injection (6) • Primary Containment Vessel and Hydrogen Explosion Control (7) • Command, Communication and Instrumentation & Control (6)

  25. Lessons Learned - General • We can manage situations, even if they are serious • Flexibility, knowledge-base and imagination really work in beyond design basis event • Prior agreement with society is important to make emergency response practicable • Justification of nuclear benefit and acceptance of risk are inseparable • Risk is uncertainty– PRA deals with uncertainties and identifies vulnerabilities

  26. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  27. How to Ensure Safety…Risk Model - in Mathematical Form • To ensure safety, suppress the risk to low level • Reduce Frequency • Mitigate Consequence • It works only If we know the frequency precisely and we control the consequence Risk Consequence Frequency = ×

  28. Frequency and Consequence; Which Is More Important? Low Consequence Large Risk Frequency Lack of knowledge and recognition Uncertainty Small Risk Low Frequency Consequence Large risk means large uncertainty

  29. Approach to Ensure Safety – Limit the Risk • Risk is not “frequency” times “consequence” • Risk comes from uncertainty which we cannot be free from • We must be prepared for uncertainty and overcome ignorance • Approach to prepare for uncertainty and to limit the risk is : Defense-in-Depth • What causes the risk? • Source term or radioactive material: fission product causes the risk • Who sustains the risk? • Public health and safety and environment sustain the risk

  30. Defense in DepthKeep Public Distant from Hazard • Identify Hazard Source • Radioactive materials • Define Safety Objective • Health and property of public and environment • Keep Hazard and Public Separate Public health and property, environment Hazardous Material Management

  31. 3rd Defense : Objective Is the Goal • To protect public is most important • Emergency response is scenario-less • Scenario is unpredictable • 1st defense depends on scenario • Flexibility and knowledge-base action works • Management system • Drill and education • Safety culture

  32. 2nd Defense Is Flexible and Broad 3rd Defence Emergency preparedness 2nd Defence Mitigation 1st DefencePrevention Health and safety, and property of public Hazard (Fission Product) Management No Severe Accident Contain Fission Product Respond to Emergency Barrier / Distance / Time Boundaries of the 2nd defense are ambiguous and overlapped

  33. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  34. “Absolutely Unlikely” Is Impossible • Black Swan / White Raven Black Swan(N. Taleb, 2007) White Ravens (Hempel's Ravens)

  35. Four Categories of Undesirable Event Unlikely Known unknown Known known Knowledge Rare Unknown Unknown unknown Unknown known Recognition Two Beyond-Design-Basis Type: Unlikely Event and Rare Event

  36. Precursor is Messenger of Safety • White Snake (Iwakuni City, Yamaguchi, Japan) • Appearance of unknowns is messenger of safety Messenger of God We know white raven / black swan, then, be prepared for them

  37. Known Unknown Becomes Reality Flooding: Le Blayais NPP, France Earthquake and tsunami in the Indian Ocean off Sumatra : Kalpakkam NPP Fort Calhoun NPP: Missouri River Flooding in 2011, USA

  38. Prepare for Unknown High Consequence Event • Low Frequency High Consequence Event (Rare) • We recognize the event but it is rare. So we refrain from collecting knowledge • Even though frequency is very low, we should have at least knowledge on: • Cliff edge, weak link, safety margins, practical management • Low LikelihoodHigh Consequence Event (Unlikely) • Event is unlikely and we disregard the risk • We should delineate unknown scenario and investigate every possibility • Accident sequence precursors (Empirical / Factual) • Probabilistic Risk Assessment (Deductive / Eliciting)

  39. Identification and Preparation for Unknowns • “Known Known” is already prevented • Design basis • “Unknown” becomes “Known” • PRA find out sequences (Unknown Known) • BWR containment vessel failure (SBO scenario): hardened vent • Unexpected event becomes reality (Known Unknown) • Small LOCA and human error (TMI) • SBO+LUHS (Fukushima Daiichi) by tsunami • “Unknown knowns” are investigated • Stress test (comprehensive safety evaluation) • “Known unknowns” are protected • Emergency provisions

  40. Role of Stress Test, PRA and Provisions The 1st Defense Beyond recognition Knowledge level Known unknown Known known Urgent Provisions Design Basis Residual Risk Beyond knowledge Stress test PRA The 2nd Defense Unknown unknown Unknown known Recognition level The 3rd Defense How to deal with the residual?

  41. Do We Accept Residual Risk? IAEA Fundamental Safety Principles Facilities and activities that give rise to radiation risks must yield an overall benefit. Justification is the action of declaring or making righteous in the sight of God (Oxford Dictionary of English) Be ready to accept risk under justification But continue to reduce / optimize risk 正義の女神、ユースティティア(Justitia)

  42. Contents • Fukushima Dai-ichi Accident • Lessons-Learned • How to Ensure Safety • Unknowns • Black Swan and White Raven….White Snake • Comprehensive Risk Assessment • Conclusions

  43. Probabilistic Risk Assessment • Lessons learned #27 (Japanese government) • Effective Use of PSA in Risk Management • Utilize PSA in improving safety measures as well as accident management • Recommendation 1 (USNRC) • The Task Force recommends establishing a logical, systematic, and coherent regulatory framework for adequate protection that appropriately balances defense- in-depth and risk considerations.

  44. Atomic Energy Society of JapanOrganizations for PRA Standards Subcommittees Committees

  45. Atomic Energy Society of JapanPRA Standard Line-up

  46. Direct Effect of Earthquake and Tsunami on March 11

  47. External Events Coupling • Seismic experience of secondary failure • Onagawa NPP: a fire induced by the earthquake in a transformer in 2011 earthquake off the Pacific coast of Tohoku • Kashiwazaki-Kariwa NPP, the Tyuetsu Offshore Earthquake triggered a fire of a station service transformer of in 2007 • Spent fuel pool sloshing • Some external events may induce multiple failures and/or another external event • Earthquake and tsunami • Seismic-induced fire and seismic-induced internal flooding of especially non-safety grade equipment are probable

  48. Other Unresolved IssuesLevel 2 PRA and Level 3 PRA • Tsunami PRA standard deals with level 1 PRA for reactors in power operation • AESJ has developed level 2 PRA standard and level 3 PRA standard for internal events • They can be applied to external event as well • Necessity to develop standards for level 2 PRA and level 3 PRA for external events • Consideration if an external event has specific features in terms of the fission product release, containment performance and the emergency responses

More Related