Page 431 - Fundamentals of Magnetic Thermonuclear Reactor Design
P. 431

Safety of Fusion Reactors  Chapter | 14    409


                A function is considered to be performed if the amount of RSs released
             into the environment is within acceptable safety limits regardless of the facil-
             ity’s operational state. In normal operating conditions and upon correction of
             the initiating failure, the performance of a function is realised by the so-called
             lines of defence (LoD), that is, an assembly of safety systems and components
             (localising, protecting, managing and ensuring). The LoDs may include physi-
             cal and functional barriers. The physical barriers, such as the reactor vessel or
             equipment shells, are designed to ensure the confinement of RSs.
                The functional barriers are systems and equipment that restrict the spread
             of radioactivity released through a physical barrier.  These include premises
             equipped with ventilation and detritiation systems.
                The severity of a radioactivity release depends on the starting radioactivity
             level in each of the systems under review and the LoD technical characteristics,
             such as seal tightness, strength and effectiveness.
                The LoD’s key characteristic is reliability determined by the frequency of
             failures. The higher the expected extent of damages, the higher the prescribed re-
             liability. In any case, human health risks must be strictly limited (Table A.14.1.1).
                Because the severity of an accident depends on the radioactivity level in the
             system and its ability for mobilisation, it is important to minimise RSs amount
             and inhibit their transition to mobility. At the design stage, this task is accom-
             plished by a careful selection of technological processes and structures and
             setting optimal operating conditions. The RS content in systems and premises
             must be continuously monitored while the facility is in operation.
                Where it is impossible to confine risks using a single LoD, adequate safety
             function performance must be achieved by putting a number of separate LoDs
             in the way of potential RS release.
                To ensure the safety systems’ reliability, the design principles, such as ensur-
             ing that LoDs are diverse in terms of structure, function and time, independent
             and functionally or spatially separated, are applied. Where possible, passive en-
             gineered safety systems (that do not rely on external power supplies, control
             signals or personnel) and proven technologies are employed (the passivity and
             proven technology principles).
                There are other principles to be adopted, for example, no harm in case of
             failure, controlled operation, diversity of specific measures, and accident pre-
             vention as the first priority.
                As a rule, safety systems may also implement functions of normal opera-
             tion. For multifunctional systems, the safety function is of key importance. Its
             fulfilment depends on how effectively auxiliary safety functions are performed.
             In case of the tokamak, such functions include a reactor’s emergency shutdown,
             heat removal from the in-vessel components, control of coolant enthalpy and
             energy stored in the magnetic field, and hazard monitoring.
                Systems and components related to operational safety, as well as systems whose
             failure may disturb the fusion reactor’s normal operation or lead to an accident are
             referred to as Safety Important System/Component (SIS/SIC). They must conform
   426   427   428   429   430   431   432   433   434   435   436